virus logo FortiClient Vulnerability

Apache Struts CVE-2010-1870 Vulnerability

description-logoDescription

OGNL provides, among other features, extensive expression evaluation capabilities (http://www.ognl.org/2.6.9/Documentation/html/LanguageGuide/expressionEvaluation.html). The vulnerability allows a malicious user to bypass the '#'-usage protection built into the ParametersInterceptor, thus being able to manipulate server side context objects.

affected-products-logoAffected Applications

Apache Struts

CVE References

CVE-2010-1870

Other References

https://cwiki.apache.org/confluence/display/WW/Security+Bulletins
ID 41596
Created Jan 17, 2020
Description
Updated		 Dec 14, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor Apache
Patch manual
Application Apache Struts