Eric Rafaloff

My personal blog on software development and security

Home » An Analysis of CVE-2017-5638

An Analysis of CVE-2017-5638

I just published some research I did with Gotham Digital Science on the recent Struts vulnerability, CVE-2017-5638. You can find that (rather long) post here, full of in-depth code review and an additional, lesser known attack vector:

An Analysis of CVE-2017-5638

Name of author

Name: ericr

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.