angler-fishThe Vulnerability History Project

WW-4146 Caches only valid Ognl expressions to avoid cache attack
by Randy the Sloth 2014-03-27 18:07:11 UTC
commit 86813c1a7214bc002a5d7ce9981a9ef333e27142
Struts VCC CVE-2016-3087 VCC CVE-2016-4438
xwork-core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
+24 -61
xwork-core/src/main/java/com/opensymphony/xwork2/ognl/accessor/CompoundRootAccessor.java
+12 -15
expand_less