edit-icon download-icon

[Vulnerability notice] Remote code execution vulnerability in Struts s2-037

Last Updated: Apr 08, 2018

Vulnerability description

When the REST extension is enabled for Struts2, attackers can craft malicious code to remotely run any commands.

Affected scope

Struts 2.3.20 - 2.3.28.1

How to fix

Thank you! We've received your feedback.