Findings for SCA, High, [TheRedHatter/javagoof:todolist-web-struts/pom.xml]:Access Restriction Bypass
Created by: armorcodegithubpreprod[bot]
Findings for SCA, High, [TheRedHatter/javagoof:todolist-web-struts/pom.xml]:Access Restriction Bypass
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): >[2.3.20,2.3.28.1]
- Vulnerable Path: >null
Overview
org.apache.struts.xwork:xwork-core is a generic command pattern framework. It forms the core of Struts 2.
Affected versions of this package are vulnerable to Access Restriction Bypass. It allows remote attackers to bypass intended access restrictions and conduct redirection attacks via a crafted request.
References
Snyk Project Status: Active
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): >[2.3.20,2.3.29)
- Vulnerable Path: >null
Overview
org.apache.struts:struts2-core is a popular open-source framework for developing web applications in the Java programming language.
Affected versions of this package are vulnerable to Access Restriction Bypass. It allows remote attackers to bypass intended access restrictions and conduct redirection attacks by leveraging a default method.
References
Snyk Project Status: Active
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): >[2.3.20, 2.3.29)
- Vulnerable Path: >null
Overview
org.apache.struts:struts2-core is a popular open-source framework for developing web applications in the Java programming language.
Affected versions of this package are vulnerable to Access Restriction Bypass. It allows remote attackers to bypass intended access restrictions and conduct redirection attacks via a crafted request.
References
Snyk Project Status: Active