Intrusion Prevention



This indicates an attack attempt to exploit a Security Bypass vulnerability in Apache Struts.
The vulnerability is caused by an error in MultiPageValidator when handles requests with malicious page parameter. A remote attacker may be able to exploit this to bypass access restrictions via a crafted HTTP request.

Affected Products

Struts 1.x through 1.3.10


Security Bypass: Remote attackers can bypass security checking of vulnerable systems.

Recommended Actions

Apply patch, available from the web site.

CVE References