Security Advisory

CVE-2016-8738

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-09-20 17:00:00

Last updated 2024-09-16 20:32:00

Assigner apache

State PUBLISHED

Description

In Apache Struts 2.5 through 2.5.5, if an application allows entering a URL in a form field and the built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL.

← Browse all CVEs View on cve.org ↗