victorsosa created WW-4582: ------------------------------ Summary: adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation) Key: WW-4582 URL: https://issues.apache.org/jira/browse/WW-4582 Project: Struts 2 Issue Type: Bug Components: Core Interceptors Affects Versions: 2.3.24 Reporter: victorsosa Priority: Critical Fix For: 2.3.25, 2.5
Hi, This is a permanent patch for security issue CVE-2014-0094; this adds 'class' to exclude params in ParametersInterceptor (avoid ClassLoader manipulation) -- This message was sent by Atlassian JIRA (v6.3.4#6332)