Adds more detailed readme with explanation how to use the plugin


Branch: refs/heads/master
Commit: 29f423199d19f52aad8f4241a34eae418fff6667
Parents: 1cd42a6
Author: Lukasz Lenart <>
Authored: Sat Mar 18 14:54:58 2017 +0100
Committer: Lukasz Lenart <>
Committed: Sat Mar 18 14:54:58 2017 +0100

 .../                                   | 30 ++++++++++++++++++++
 1 file changed, 30 insertions(+)
diff --git a/struts2-secure-jakarta-stream-multipart-parser-plugin/ 
new file mode 100644
index 0000000..c37e0a8
--- /dev/null
+++ b/struts2-secure-jakarta-stream-multipart-parser-plugin/
@@ -0,0 +1,30 @@
+# Apache Struts 2 Extras - Secure Jakarta Stream Multipart parser plugin
+This plugin provides a safe implementation of the Jakarta Stream Multipart 
parser from the Struts Core. It can be used
+to mitigate vulnerability described in the 
[S2-045]( Security Bulletin.
+You should use this plugin in case you are not able to migrated to the latest 
Struts version.
+## Supported versions
+This plugins can be used with the Apache Struts versions 2.5.20 till 2.5.5, if 
you are running the Apache Struts 2.5.8+
+you must migrate to the latest version which is [Struts](
+## How to use it
+Just drop the jar into `WEB-INF/libs` folder and restart your application, you 
can use on of the existing PoCs
+to test if everything is ok.
+If you are using Maven to build your project, please add the following 
dependency into your pom:
+    <groupId>org.apache.struts</groupId>
+    <artifactId>struts2-secure-jakarta-multipart-parser-plugin</artifactId>
+    <version>[VERSION]</version>            
+## Remarks
+Please be aware that this is just a temporary solution, you should consider 
migration to the latest version anyway.

Reply via email to