Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Vulnerability struts2-core-2.3.20.1.jar

Asif Khan
Asif Khan September 20, 2017

struts2-core-2.3.20.1.jar  this file has serious vulnerability, is there a fix available from Atlassian, this file is in may locations see below

/opt/atlassian-crowd-2.8.4/crowd-webapp/WEB-INF/lib/struts2-core-2.3.20.1.jar

  • Installation Path:

/opt/atlassian-crowd-2.8.4/demo-webapp/WEB-INF/lib/struts2-core-2.3.20.1.jar

  • Installation Path:

/opt/atlassian-crowd-2.8.4/crowd-openidserver-webapp/WEB-INF/lib/struts2-core-2.3.20.1.jar

  • Installation Path:

/opt/atlassian-crowd-2.8.4/crowd-openidclient-webapp/WEB-INF/lib/struts2-core-2.3.20.1.jar

Answer
Watch
Like Be the first to like this
415 views

1 answer

0 votes
Bruno Vincent
Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 21, 2017

Hi Asif,

Yes, there is a fix available. You will actually need to upgrade your Crowd installation. Please take a look at this page: https://confluence.atlassian.com/crowd/crowd-security-advisory-2017-03-10-876857916.html

Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events