[jira] [Commented] (WW-5055) Fix for security vulnerability CVE-2012-1592 identified in the National Vulnerability Database

Juan Santos (Jira) Thu, 03 Sep 2020 17:26:17 -0700


    [ 
https://issues.apache.org/jira/browse/WW-5055?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17190446#comment-17190446
 ]


Juan Santos commented on WW-5055:
---------------------------------

Hi Team

Is this vulnerability still affecting current Struts version(2.5.22)?

 

Regards

> Fix for security vulnerability CVE-2012-1592 identified in the National 
> Vulnerability Database
> ----------------------------------------------------------------------------------------------
>
>                 Key: WW-5055
>                 URL: https://issues.apache.org/jira/browse/WW-5055
>             Project: Struts 2
>          Issue Type: Improvement
>            Reporter: Jack Hagan
>            Priority: Major
>              Labels: security
>
> h2. CVE-2012-1592 Detail
> h3. Current Description
> A local code execution issue exists in Apache Struts2 when processing 
> malformed XSLT files, which could let a malicious user upload and execute 
> arbitrary files.
> See a bug report at the following URL:
> [http://seclists.org/bugtraq/2012/Mar/110]



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (WW-5055) Fix for security vulnerability CVE-2012-1592 identified in the National Vulnerability Database

Reply via email to