You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@struts.apache.org by "Jack Hagan (Jira)" <ji...@apache.org> on 2020/01/22 21:13:00 UTC

[jira] [Created] (WW-5055) Fix for security vulnerability CVE-2012-1592 identified in the National Vulnerability Database

Jack Hagan created WW-5055:
------------------------------

             Summary: Fix for security vulnerability CVE-2012-1592 identified in the National Vulnerability Database
                 Key: WW-5055
                 URL: https://issues.apache.org/jira/browse/WW-5055
             Project: Struts 2
          Issue Type: Improvement
            Reporter: Jack Hagan


h2. CVE-2012-1592 Detail
h3. Current Description

A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files.

See a bug report at the following URL:

[http://seclists.org/bugtraq/2012/Mar/110]



--
This message was sent by Atlassian Jira
(v8.3.4#803005)