Apache Struts 'CookieInterceptor' Security Bypass Vulnerability

Apache Struts is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks.

Apache Struts versions 2.0.0 through 2.3.16.2 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus