Security Advisory

CVE-2006-1546

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-03-30 22:00:00

Last updated 2024-08-07 17:19:47

Assigner redhat

State PUBLISHED

Description

Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a org.apache.struts.taglib.html.Constants.CANCEL parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check.

← Browse all CVEs View on cve.org ↗