Description
- Possible Remote Code Execution attack when using the Struts REST plugin with XStream handler to handle XML payloads.
Remediation
- Upgrade to Struts 2.5.13 or Struts 2.3.34.
References
Severity
Classification
Tags
Related Vulnerabilities