You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@struts.apache.org by "Jack Hagan (Jira)" <ji...@apache.org> on 2020/01/22 21:13:00 UTC
[jira] [Created] (WW-5055) Fix for security vulnerability
CVE-2012-1592 identified in the National Vulnerability Database
Jack Hagan created WW-5055:
------------------------------
Summary: Fix for security vulnerability CVE-2012-1592 identified in the National Vulnerability Database
Key: WW-5055
URL: https://issues.apache.org/jira/browse/WW-5055
Project: Struts 2
Issue Type: Improvement
Reporter: Jack Hagan
h2. CVE-2012-1592 Detail
h3. Current Description
A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files.
See a bug report at the following URL:
[http://seclists.org/bugtraq/2012/Mar/110]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)