4ee18f96bc2d401f9007c5fd458c47b7ae4ff35d | Vulnerability History Project

The Vulnerability History Project

Ties excluding packages into Struts DI mechanism

by Randy the Sloth 2014-05-23 07:58:33 UTC

commit 4ee18f96bc2d401f9007c5fd458c47b7ae4ff35d

Struts VCC Improper Input Validation CVE-2015-1831

core/src/main/java/org/apache/struts2/StrutsConstants.java

+1 -2

core/src/main/java/org/apache/struts2/config/DefaultBeanSelectionProvider.java

-3

core/src/main/resources/struts-default.xml

-2

xwork-core/src/main/java/com/opensymphony/xwork2/XWorkConstants.java

-2

xwork-core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java

+1 -16

xwork-core/src/main/java/com/opensymphony/xwork2/ognl/OgnlValueStack.java

-1

expand_less