Findings for SCA, High, [TheRedHatter/javagoof:todolist-web-struts/pom.xml]:Unrestricted Upload of File with Dangerous Type
Created by: armorcodegithubpreprod[bot]
Findings for SCA, High, [TheRedHatter/javagoof:todolist-web-struts/pom.xml]:Unrestricted Upload of File with Dangerous Type
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): >[,2.5)
- Vulnerable Path: >null
Overview
org.apache.struts:struts2-core is a popular open-source framework for developing web applications in the Java programming language.
Affected versions of this package are vulnerable to Unrestricted Upload of File with Dangerous Type. A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files.
References
Snyk Project Status: Active