You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@struts.apache.org by Sean Ford <sd...@gmail.com> on 2010/03/19 18:53:10 UTC

struts 2.1.8.1 XSS vulnerability

Just a heads up, there is an XSS vulnerability in struts 2.1.8.1. I
created a JIRA ticket with possible patch:
https://issues.apache.org/jira/browse/WW-3410

I tried to email security@struts.apache.org but received no reply...
not sure if anyone is listening to that alias...

Thanks,
Sean

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org