Bugzilla record for this vulnerability

vulnerability:information=annotation

Created on 2024-12-16 14:25 and updated on 2024-12-16 14:25.

Description

Bug 2331686 (CVE-2024-53677) - CVE-2024-53677 struts: org.apache.struts: mixing setters for uploaded files and normal fields can allow bypass file upload checks

An interesting note: Note: application not using FileUploadInterceptor are safe.

Associated vulnerability

Related vulnerabilities

CVE-2024-53677

Meta

[
  {
    "tags": [
      "vulnerability:information=annotation"
    ]
  }
]

Author

Alexandre Dulaunoy