Re: Quick question on the patch for CVE-2018-11776

wt., 4 wrz 2018 o 07:31 Akkina, Rahul Anand napisał(a): > > Hi Team, > > Greetings for the day ! > > One of the applications(very old) which we host uses struts 1.1 and to just > add to guarantee we are not exposing any action path with url pattern /* , > Going by the details posted below forums

Quick question on the patch for CVE-2018-11776

Hi Team, Greetings for the day ! One of the applications(very old) which we host uses struts 1.1 and to just add to guarantee we are not exposing any action path with url pattern /* , Going by the details posted below forums the vulnerability is specific to struts 2 vulnerabilities. https://c

RE: Quick question on the patch for CVE-2018-11776

>From: Kiran Ananthpur Bacche (kbacche) >Sent: Friday, August 31, 2018 7:27 AM >To: user@struts.apache.org >Subject: Quick question on the patch for CVE-2018-11776 > >Hi Team, > >Version 2.3.35 is the official patch for this vulnerability. However v2.3.35 >has a >bunch of other fixes too. > >So i