Summary
Excerpt |
---|
When using Struts 2 token mechanism for CSRF protection, token configuration might be tweaked to allow access by misusing known session attributes |
Who should read this | All Struts 2 developers |
---|---|
Impact of vulnerability | CSRF protection weakening |
Maximum security rating | Moderate |
Recommendation | Developers should either upgrade to Struts 2.3.4.1 |
Affected Software | Struts 2.0.0 - Struts 2.3.4 |
Original JIRA Tickets | |
Reporter | - |
CVE Identifier | - |
Problem
User input is evaluated as an OGNL expression when there's a conversion error. This allows a malicious user to execute arbitrary code.
A more detailed description is found in the referenced JIRA ticket.
Solution
Upgrade to Struts 2.2.3.1.