Описание
Apache Struts vulnerable to possible DoS attack when using URLValidator
If an application allows enter an URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL.
Пакеты
org.apache.struts:struts2-core
>= 2.5.0, < 2.5.13
2.5.13
Связанные уязвимости
In Apache Struts 2.5 through 2.5.5, if an application allows entering a URL in a form field and the built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL.
In Apache Struts 2.5 through 2.5.5, if an application allows entering a URL in a form field and the built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL.
In Apache Struts 2.5 through 2.5.5, if an application allows entering ...