Apache Struts security advisory S2-045

description-logoDescription

It is possible to perform a RCE attack with a maliciousContent-Typevalue. If theContent-Typevalue isn't valid an exception is thrown which is then used to display an error message to a user.

affected-products-logoAffected Applications

Apache Struts

CVE References

CVE-2017-5638