2 matches found
GHSA-X5FC-PGPX-59J5 Server side object manipulation in Apache Struts
OGNL provides, among other features, extensive expression evaluation capabilities. This vulnerability allows a malicious user to bypass the ''-usage protection built into the ParametersInterceptor, thus being able to manipulate server side context objects. This behavior was already addressed in...
Server side object manipulation in Apache Struts
OGNL provides, among other features, extensive expression evaluation capabilities. This vulnerability allows a malicious user to bypass the ''-usage protection built into the ParametersInterceptor, thus being able to manipulate server side context objects. This behavior was already addressed in...