SummaryA DoS attack is available for Spring secured actions
Who should read this
All Struts 2 developers and users
Impact of vulnerability
A DoS attack is available for Spring secured actions
Maximum security rating
Upgrade to Struts 2.5.11
Struts 2.5 - Struts 2.5.10
Yasser Zamani <yasser dot zamani at live dot com>
When using a Spring AOP functionality to secure Struts actions it is possible to perform a DoS attack when user was properly authenticated
Upgrade to Apache Struts version 2.5.11.
No backward incompatibility issues are expected.
Please define the below constant in a