You are probably correct on due to the different frameworks. If I do need to test Struts v1 where do I obtain the test instructions from? I could not find them when searching earlier.
Regards, Rayne IBM Watson Financial Services 10925 David Taylor Drive Charlotte, NC 28262-1040, US MG82/202 (704) 501-0331 From: Lukasz Lenart <[email protected]> To: Struts Users Mailing List <[email protected]> Date: 08/21/2020 05:57 AM Subject: [EXTERNAL] Re: CVE-2019-0233 is Struts v1 vulnerable? pt., 21 sie 2020 o 11:30 Rayne Anderson <[email protected]> napisał(a): > > I know that Apache Struts File upload CVE-2019-0233 applies to Struts v2. > Does the CVE apply to Struts v1.3.8? I would say no as these are totally different frameworks but we didn't test Struts 1.3.8 against this vulnerability as Struts 1 has reached End-of-Life a few years ago. Regards -- Łukasz + 48 606 323 122 http://www.lenart.org.pl/ --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
