Parthiban Palanisamy created WW-4867:
----------------------------------------
Summary: Apache Struts framework 1.1 and 2.x vulnerability
clarification
Key: WW-4867
URL: https://issues.apache.org/jira/browse/WW-4867
Project: Struts 2
Issue Type: Task
Environment: apache Struts framework 1.1
Reporter: Parthiban Palanisamy
Priority: Blocker
Hello,
I'm the active user of apache Struts framework 1.1 and 2.x. Recently we learned
that there is a vulnerability in Apache Struts' Jakarta Multipart parser as
high risk. This may lead to warning of remote code execution (RCE) attacks that
were evident at Equifax which lead to complete system compromises. So I would
like to take your inputs and understand the recent vulnerability over RCE is
also affected 1.1/1.x versions precisely.
If yes, could you please support with your thoughts over next course of action
to resolve the issue?
Thanks and appreciate your support at the earliest.
Regards,
Parthiban
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
