You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@struts.apache.org by "Lukasz Lenart (Jira)" <ji...@apache.org> on 2023/11/10 08:48:00 UTC

[jira] [Closed] (WW-5361) Does CVE-2023-41835 still exist in Struts 2.5.31

     [ https://issues.apache.org/jira/browse/WW-5361?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Lukasz Lenart closed WW-5361.
-----------------------------
    Resolution: Not A Problem

Please such question on the User mailing list.

And Struts 2.5.31 is affected, more details here https://cwiki.apache.org/confluence/display/WW/S2-065

> Does CVE-2023-41835 still exist in Struts 2.5.31
> ------------------------------------------------
>
>                 Key: WW-5361
>                 URL: https://issues.apache.org/jira/browse/WW-5361
>             Project: Struts 2
>          Issue Type: Temp
>          Components: Core
>            Reporter: shansh
>            Priority: Major
>
> I would like to inquire about the status change of CVE-2023-41835. Why has the issue changed from being accepted to being reserved? Does this mean that the vulnerability reported previously does not exist or cannot be reproduced? Can someone from the community provide more information about this status change?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)