...
Who should read this | All Struts 2 developers and users |
---|---|
Impact of vulnerability | If a production system using Struts 2 was updated to fix a particular historic security issue and was not updated thereafter to fix later documented security issues up to and including S2-057, it is possible that said production system is still vulnerable to the specific vulnerability that was meant to be fixed by a taking measures as explained in the historic security issue bulletin. |
Maximum security rating | MediumModerate |
Recommendation | |
Affected Software | Struts 2.0.0 - 2.5.12 |
Reporter | Ben Ronallo from the Black Duck research team within Synopsys |
CVE Identifier | - |
...