Google-sovellukset

Päävalikko

Post a Comment On: lo-fi

"Struts 2 Security Update"

No comments yet. -

1 – 0 of 0

A couple of weeks ago, a remote exploit was demonstrated for applications using Struts 2.0.8 and below. It's a scary one. Like System.exit(0) scary. In some ways I can't believe that it got this far because it's such a simple one.

Anyway, if you're using Struts 2 below verson 2.0.9, or if you're using WebWork below version 2.0.4, do yourself a favor and UPDATE your jars.

Easy way: just update your xwork jar file (download the full lib here)
Better way: update to Struts2.0.9

posted by Eric at 10:02 AM on Jul 25, 2007

Leave your comment

You can use some HTML tags, such as <b>, <i>, <a>

Comment moderation has been enabled. All comments must be approved by the blog author.

Choose an identity

Google Account

You will be asked to sign in after submitting your comment.

Name/URL

Comment with your Google account if you’d like to be able to manage your comments in the future. If you comment anonymously, you won’t be able to edit or delete your comment. Learn more

Name
URL

Anonymous

Comment with your Google account if you’d like to be able to manage your comments in the future. If you comment anonymously, you won’t be able to edit or delete your comment. Learn more

Please prove you're not a robot