[
https://issues.apache.org/jira/browse/WW-4867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Parthiban Palanisamy updated WW-4867:
-------------------------------------
Priority: Trivial (was: Blocker)
> Apache Struts framework 1.1 and 2.x vulnerability clarification
> ---------------------------------------------------------------
>
> Key: WW-4867
> URL: https://issues.apache.org/jira/browse/WW-4867
> Project: Struts 2
> Issue Type: Temp
> Environment: apache Struts framework 1.1
> Reporter: Parthiban Palanisamy
> Priority: Trivial
> Labels: documentation
>
> Hello,
> I'm the active user of apache Struts framework 1.1 and 2.x. Recently we
> learned that there is a vulnerability in Apache Struts' Jakarta Multipart
> parser as high risk. This may lead to warning of remote code execution (RCE)
> attacks that were evident at Equifax which lead to complete system
> compromises. So I would like to take your inputs and understand the recent
> vulnerability over RCE is also affected 1.1/1.x versions precisely.
> If yes, could you please support with your thoughts over next course of
> action to resolve the issue?
> Thanks and appreciate your support at the earliest.
> Regards,
> Parthiban
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
