Summary
When using Struts 2 token mechanism for CSRF protection, token configuration might be tweaked to allow access by misusing known session attributes
Who should read this |
All Struts 2 developers |
|---|---|
Impact of vulnerability |
CSRF protection weakening |
Maximum security rating |
Moderate |
Recommendation |
Developers should either upgrade to Struts 2.3.4.1 |
Affected Software |
Struts 2.0.0 - Struts 2.3.4 |
Original JIRA Tickets |
|
Reporter |
- |
CVE Identifier |
- |
Problem
User input is evaluated as an OGNL expression when there's a conversion error. This allows a malicious user to execute arbitrary code.
A more detailed description is found in the referenced JIRA ticket.
Solution
Upgrade to Struts 2.2.3.1.