漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apache Struts: excessive disk usage
Vulnerability Description
When a Multipart request is performed but some of the fields exceed the maxStringLength limit, the upload files will remain in struts.multipart.saveDir even if the request has been denied. Users are recommended to upgrade to versions Struts 2.5.32 or 6.1.2.2 or Struts 6.3.0.1 or greater, which fixe this issue.
CVSS Information
N/A
Vulnerability Type
清理环节不完整
Vulnerability Title
Apache Struts 安全漏洞
Vulnerability Description
Apache Struts是美国阿帕奇(Apache)基金会的一个开源项目,是一套用于创建企业级Java Web应用的开源MVC框架,主要提供两个版本框架产品,Struts 1和Struts 2。 Apache Struts存在安全漏洞,该漏洞源于当执行Multipart请求但某些字段超出maxStringLength限制时,即使请求被拒绝,上传文件也将保留在struts.multipart.saveDir中。
CVSS Information
N/A
Vulnerability Type
N/A