VYPR

Maven package

opensymphony/xwork

pkg:maven/opensymphony/xwork

Vulnerabilities (1)

  • CVE-2007-4556Aug 28, 2007
    affected < 1.2.3fixed 1.2.3

    Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of se