struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rayne Anderson" <>
Subject RE: CVE-2019-0233 is Struts v1 vulnerable?
Date Fri, 21 Aug 2020 19:38:44 GMT
You are probably correct on due to the different frameworks.  If I do need 
to test Struts v1 where do I obtain the test instructions from?  I could 
not find them when searching earlier.

Regards, Rayne

IBM Watson Financial Services
10925 David Taylor Drive
Charlotte, NC 28262-1040, US
(704) 501-0331

From:   Lukasz Lenart <>
To:     Struts Users Mailing List <>
Date:   08/21/2020 05:57 AM
Subject:        [EXTERNAL] Re: CVE-2019-0233 is Struts v1 vulnerable?

pt., 21 sie 2020 o 11:30 Rayne Anderson <> napisał(a):
> I know that Apache Struts File upload CVE-2019-0233 applies to Struts 
> Does the CVE apply to Struts v1.3.8?

I would say no as these are totally different frameworks but we didn't
test Struts 1.3.8 against this vulnerability as Struts 1 has reached
End-of-Life a few years ago.

+ 48 606 323 122 

To unsubscribe, e-mail:
For additional commands, e-mail:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message