CVE-2008-6504
Published: Mar 23, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context objects, which allows remote attackers to execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a \u0023 representation for the # character.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
32495 (third-party-advisory, x_refsource_SECUNIA)
http://fisheye6.atlassian.com/cru/CR-9/ (x_refsource_CONFIRM)
http://struts.apache.org/2.x/docs/s2-003.html (x_refsource_CONFIRM)
xwork-parameterinterceptor-security-bypass(46328) (vdb-entry, x_refsource_XF)
ADV-2008-3003 (vdb-entry, x_refsource_VUPEN)
ADV-2008-3004 (vdb-entry, x_refsource_VUPEN)
32101 (vdb-entry, x_refsource_BID)
32497 (third-party-advisory, x_refsource_SECUNIA)
http://jira.opensymphony.com/browse/XW-641 (x_refsource_CONFIRM)
http://issues.apache.org/struts/browse/WW-2692 (x_refsource_CONFIRM)
49732 (vdb-entry, x_refsource_OSVDB)