XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in OpenSymphony WebWork, allows remote malicious users to obtain potentially sensitive information about internal Java class paths via vectors involving an s:submit element and a nonexistent method, a different vulnerability than CVE-2011-1772.3.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensymphony xwork 2.2.1 |
||
apache struts 2.2.1 |
||
opensymphony xwork - |
||
opensymphony webwork - |