Описание
ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.
Ссылки
- Broken LinkIssue Tracking
- Broken Link
- Broken Link
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkExploitPatchVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken Link
- Third Party AdvisoryVDB Entry
- Broken LinkIssue Tracking
- Broken Link
- Broken Link
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkExploitPatchVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken Link
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Одновременно
EPSS
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
Связанные уязвимости
ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.
ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.
ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 wit ...
Уязвимость метода getMultipartRequestHandler программной платформы Apache Struts, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3
7.8 High
CVSS2