'[jira] [Created] (WW-5055) Fix for security vulnerability CVE-2012-1592 identified in the National V'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       struts-dev
Subject:    [jira] [Created] (WW-5055) Fix for security vulnerability CVE-2012-1592 identified in the National V
From:       "Jack Hagan (Jira)" <jira () apache ! org>
Date:       2020-01-22 21:13:00
Message-ID: JIRA.13281060.1579727542000.32332.1579727580079 () Atlassian ! JIRA
[Download RAW message or body]

Jack Hagan created WW-5055:
------------------------------

             Summary: Fix for security vulnerability CVE-2012-1592 identifi=
ed in the National Vulnerability Database
                 Key: WW-5055
                 URL: https://issues.apache.org/jira/browse/WW-5055
             Project: Struts 2
          Issue Type: Improvement
            Reporter: Jack Hagan

h2. CVE-2012-1592=C2=A0Detail
h3. Current Description

A local code execution issue exists in Apache Struts2 when processing malfo=
rmed XSLT files, which could let a malicious user upload and execute arbitr=
ary files.

See a bug report at the following URL:

[http://seclists.org/bugtraq/2012/Mar/110]

--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic