All Products
Search
Document Center

[Vulnerability notice] Remote code execution vulnerability in Struts s2-037

Last Updated: Apr 08, 2018

Vulnerability description

When the REST extension is enabled for Struts2, attackers can craft malicious code to remotely run any commands.

Affected scope

Struts 2.3.20 - 2.3.28.1

How to fix