CVE 2015-1831
The default exclude patterns (excludeParams) in Apache Struts 2.3.20 allow remote attackers to "compromise internal state of an application" via unspecified vectors.
See the 
CVE page on Mitre.org
for more details.
Launchpad.net
References
- CONFIRM: https://struts.apache....
- BID: 75940
- SECTRACK: 1032985
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)