SUSE CVE-2015-0899

The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter...

Improper Input Validation in Apache Struts

The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter...

IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.x < 9.0.0.8 Security Bypass (CVE-2015-0899)

The IBM WebSphere Application Server running on the remote host is version 7.0.0.x through 7.0.0.45, 8.0.0.x through 8.0.0.15, 8.5.0.x prior to 8.5.5.14, or 9.x prior to 9.0.0.8. It is, therefore, affected by a vulnerability in the Apache Struts subcomponent deu to an error in the...

Security Bulletin: Potential vulnerability in WebSphere Application Server shipped with Tivoli Integrated Portal (CVE-2015-0899)

Summary There is a potential vulnerability in WebSphere Application Server. Vulnerability Details CVEID: CVE-2015-0899 DESCRIPTION: Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit...

Security Bulletin: Security vulnerabilities in Apache Struts might affect IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2016-1181, CVE-2016-1182, CVE-2015-0899)

Summary Multiple security vulnerabilities have been reported for Apache Struts that is used by IBM Business Process Manager and WebSphere Lombardi Edition. Vulnerability Details CVEID: CVE-2016-1181 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system,...

Apache Struts 1.x - 1.3.10 Multiple Vulnerabilities - Windows

Apache Struts is prone to multiple vulnerabilities. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2015-0899

The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter...

Information disclosure

The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter...

CVE-2015-0899

The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter...

CVE-2015-0899

The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter...

CVE-2015-0899

CVE-2015-0899 affects Apache Struts 1.x (1.1–1.3.10) where the MultiPageValidator allows remote bypass of access restrictions via a modified page parameter. IBM advisories (IBM Library Support for Struts 1.3.16 remediation, and related IBM bulletins) confirm this family of vulnerabilities and lis...

Apache Struts Security Restriction Bypass Vulnerability

Apache Struts is an open source architecture for building Java web applications. An input validation bypass vulnerability exists in the MultiPageValidator function in Apache Struts versions prior to 1.2.9 SP2. An attacker can exploit this vulnerability to bypass security restrictions and perform...