CVE-2014-0114

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrar...

[SA19493] Struts Multiple Vulnerabilities

TITLE: Struts Multiple Vulnerabilities SECUNIA ADVISORY ID: SA19493 VERIFY ADVISORY: http://secunia.com/advisories/19493/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting, DoS WHERE: From remote SOFTWARE: Apache Struts 1.2.x http://secunia.com/product/6179/ DESCRIPTION:...