|
|
Summary
Double OGNL evaluation when using raw user input in tag's attributes.
Who should read this
All Struts 2 developers and users
Impact of vulnerability
Possible Remote Code Execution vulnerability
Maximum security rating
Important
Recommendation
Always validate incoming parameters' values when re-assigning them to certain Struts' tags attributes. Alternatively upgrade to Struts 2.3.25
Affected Software
Struts 2.0.0 - Struts Struts 2.3.24.1
Reporter
Romain Gaucher rgaucher at coverity dot com - Coverity
CVE Identifier
CVE-2016-0785
Problem
The Apache Struts frameworks performs double evaluation of attributes' values assigned to certain tags so it is possible to pass in a value that will be evaluated again when a tag's attributes will be rendered.
Solution
Adding a proper validation of each value that's coming in and it's used in tag's attributes. Alternatively upgrade to Struts 2.3.25.
Backward compatibility
No issues expected when upgrading to Struts 2.3.25
Workaround
Not possible
Generated by CXF SiteExporter
官方公告:http://struts.apache.org/docs/s2-029.html
|
|
|小黑屋|手机版|中国白客联盟-BUC
( 赣ICP备15007148号-6 ) 
窥视卡
雷达卡
发表于 2016-3-15 22:14:57
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡