Описание
ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.2.9-1ubuntu1 |
| devel | released | 1.2.9-1ubuntu1 |
| edgy | released | 1.2.9-1ubuntu1 |
| feisty | released | 1.2.9-1ubuntu1 |
| upstream | needs-triage |
Показывать по
EPSS
7.8 High
CVSS2
7.5 High
CVSS3
Связанные уязвимости
ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.
ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.
ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 wit ...
Уязвимость метода getMultipartRequestHandler программной платформы Apache Struts, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.8 High
CVSS2
7.5 High
CVSS3