- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 36426
- Проверка EDB
-
- Пройдено
- Автор
- HISATO KILLING
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- cve-2011-5057
- Дата публикации
- 2011-12-07
Apache Struts 2.0.9/2.1.8 - Session Tampering Security Bypass
Код:
source: https://www.securityfocus.com/bid/50940/info
Apache Struts is prone to a security-bypass vulnerability that allows session tampering.
Successful attacks will allow attackers to bypass security restrictions and gain unauthorized access.
Apache Struts versions 2.0.9 and 2.1.8.1 are vulnerable; other versions may also be affected.
http://www.example.com/SomeAction.action?session.somekey=someValue- Источник
- www.exploit-db.com
