angler-fishThe Vulnerability History Project

Solves WW-3579 - escapes actionName and methodName to prevent XSS vulnerability

      git-svn-id: https://svn.apache.org/repos/asf/struts/struts2/trunk@1076372 13f79535-47bb-0310-9956-ffa450edef68
by Randy the Sloth 2011-03-02 21:01:01 UTC
commit 885ab3459e146ff830d1f7257f809f4a3dd4493a
Struts Fix Action Name Vector XSS CVE-2011-1772
xwork-core/src/main/java/com/opensymphony/xwork2/DefaultActionProxy.java
+6 -6
expand_less