Apache Struts XStream Handler REST Plugin XML Request Handling Remote DoS (S2-056)

The version of Apache Struts running on the remote host is prior to 2.5.16. It, therefore, contains a flaw in the REST plugin when using the XStream handler that is triggered during the handling of a specially crafted request with an XML payload. This may allow a remote attacker to cause a denial...

Apache Struts2 S2-056(CVE-2018-1327)

Summary A crafted XML request can be used to perform a DoS attack when using the Struts REST plugin | | | | :------------ | :------------ | | Who should read this | All Struts 2 developers and users which are using the REST plugin | | Impact of vulnerability | A DoS attack is possible when using...

CVE-2017-9805: Apache Struts Remote Code Execution | Cloud Foundry

Severity Advisory/Critical Vendor Apache Versions Affected Apache Struts 2: 2.3.x versions prior to 2.3.34 2.5.x versions prior to 2.5.13 Description An RCE attack is possible when using the Struts REST plugin with XStream handler to deserialise XML requests 1. Affected Cloud Foundry Products and...