all InfoSec news
New RCE vulnerability in Apache Struts 2 fixed, upgrade ASAP (CVE-2023-50164)
Help Net Security www.helpnetsecurity.com
The Apache Struts project has released updates for the popular open-source web application framework, with fixes for a critical vulnerability that could lead to remote code execution (CVE-2023-50164). About CVE-2023-50164 CVE-2023-50164 may allow an attacker to manipulate file upload parameters to enable path traversal. Under some circumstances this may allow the attacker to upload a malicious file that can be used to perform remote code execution. No additional details are available at this time. The … More
The post …
apache apache struts application attacker code code execution critical critical vulnerability cve don't miss enable file file upload fixes framework hot stuff may path path traversal popular project rce remote code remote code execution security update struts struts 2 under updates upgrade upload vulnerability web web application web application security