Adds readme with more detailed explanation how to use the plugin


Branch: refs/heads/master
Commit: bd18c11e3082b2947abbb1583fd73d87589ae2f6
Parents: 1aa4a9c
Author: Lukasz Lenart <>
Authored: Sat Mar 18 14:53:42 2017 +0100
Committer: Lukasz Lenart <>
Committed: Sat Mar 18 14:53:42 2017 +0100

 .../                                   | 30 ++++++++++++++++++++
 1 file changed, 30 insertions(+)
diff --git a/struts2-secure-jakarta-multipart-parser-plugin/ 
new file mode 100644
index 0000000..acaeb80
--- /dev/null
+++ b/struts2-secure-jakarta-multipart-parser-plugin/
@@ -0,0 +1,30 @@
+# Apache Struts 2 Extras - secure Jakarta Multipart parser plugin
+This plugin provides a safe implementation of the Jakarta Multipart parser 
from the Struts Core. It can be used
+to mitigate vulnerability described in the 
[S2-045]( Security Bulletin.
+You should use this plugin in case you are not able to migrated to the latest 
Struts version.
+## Supported versions
+This plugins can be used with the Apache Struts versions 2.5.8 till 2.5.5, if 
you are running the Apache Struts 2.5.8+
+you must migrate to the latest version which is [Struts](
+## How to use it
+Just drop the jar into `WEB-INF/libs` folder and restart your application, you 
can use on of the existing PoCs
+to test if everything is ok.
+If you are using Maven to build your project, please add the following 
dependency into your pom:
+    <groupId>org.apache.struts</groupId>
+    <artifactId>struts2-secure-jakarta-multipart-parser-plugin</artifactId>
+    <version>[VERSION]</version>            
+## Remarks
+Please be aware that this is just a temporary solution, you should consider 
migration to the latest version anyway.

Reply via email to