On 2/13/2018 12:34 PM, Rajvinder Pal wrote:
> Hi,
> I have a struts application deployed on application server. Some time I am
> receiving the below requests in web server logs. Not sure if i can post it
> in this struts forum. What should i do to restrict it?What kind of
> vulnerability it is ?


It seems it's S2-016 [1] (CVE-2013-2251 [2]).

[1] https://cwiki.apache.org/confluence/display/WW/S2-016
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2251

To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Reply via email to