CVE 2017-12611
In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.
See the 
CVE page on Mitre.org
for more details.
Launchpad.net
References
- CONFIRM: https://struts.apache....
- CONFIRM: http://www.arubanetwor...
- CONFIRM: https://kb.netapp.com/...
- BID: 100829
- CONFIRM: http://www.oracle.com/...
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0f7b58d
(Get the code!)