Struts2 latest remote code execution vulnerability S2-0 1 6 official patch analysis-vulnerability warning-the black bar safety net

ID MYHACK58:62201339706
Type myhack58
Reporter dingo
Modified 2013-07-18T00:00:00


Contrast a bit stucts svn, in fact, only modified one file


For the action of the prefix, an increase cleanactionname function, filtering the ognl implementation,

For the redirect and redirect_action prefix, the direct removal.