Gravedad: Medio
  Fecha recomendada: 21 de julio de 2015

  Descripción

Apache Struts2 is prone to a remote arbitrary file-upload vulnerability because it fails to sufficiently sanitize user-supplied input. Attackers can exploit this issue to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

  Revelación de la información

Apply associated Trend Micro DPI Rules.

  Soluciones

  Trend Micro Deep Security DPI Rule Number: 1004982
  Trend Micro Deep Security DPI Rule Name: 1004982 - Apache Struts2 'XSLTResult.java' Remote Arbitrary File Upload Vulnerability

  Software y versión afectados

  • Apache Struts