Comment - Bugzilla record for this vulnerability

Please log in to access this page.

Bugzilla record for this vulnerability

Created on 2024-12-16 14:25, updated on 2024-12-16 14:25, by Alexandre Dulaunoy

JSON CVE-2024-53677

vulnerability:information=annotation

Bug 2331686 (CVE-2024-53677) - CVE-2024-53677 struts: org.apache.struts: mixing setters for uploaded files and normal fields can allow bypass file upload checks

An interesting note: Note: application not using FileUploadInterceptor are safe.

Related vulnerabilities

CVE-2024-53677

Meta

[
  {
    "tags": [
      "vulnerability:information=annotation"
    ]
  }
]