About Apache Struts vulnerability

Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application.

Additional Information

Apache Struts is a framework for building Web applications.

Apache Struts is prone to a remote code-execution vulnerability. Specifically, this issue affects the Jakarta based file upload Multipart parser. An attacker can exploit this issue through a malicious Content-Type value.

Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application.

Affected

  • Versions prior to Apache Struts 2.3.32 and 2.5.10.1 are vulnerable.

Comments are closed.