Sonicwall Signatures
Go to
All Categories
list.
Apache Struts 2 REST Plugin Insecure Deserialization
Category:
WEB-ATTACKS
The REST Plugin is using a XStreamHandler with an instance of XStream for deserialization without any type filtering and this can lead to Remote Code Execution when deserializing XML payloads.
© SonicWall 2020 |
Privacy Policy
|
Conditions for use
Version: 10.0
