CVE-2023-50164 apache.struts Traversal/RCE

org.apache.struts:struts2-core is a popular open-source framework for developing web applications in the Java programming language.

Affected versions of this package are vulnerable to Remote Code Execution (RCE) via manipulation of file upload parameters that enable path traversal. Under certain conditions, uploading of a malicious file is possible, which may then be executed on the server.


Author: vintage

Leave a Reply

Your email address will not be published. Required fields are marked *