On 2/13/2018 12:34 PM, Rajvinder Pal wrote: > Hi, > > I have a struts application deployed on application server. Some time I am > receiving the below requests in web server logs. Not sure if i can post it > in this struts forum. What should i do to restrict it?What kind of > vulnerability it is ?
Hi, It seems it's S2-016 [1] (CVE-2013-2251 [2]). [1] https://cwiki.apache.org/confluence/display/WW/S2-016 [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2251 --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
