Apache Struts 2 Documentation > Home > Security Bulletins
#editReport()

The following security bulletins are available:

  • S2-001Remote code exploit on form validation error
  • S2-002Cross site scripting (XSS) vulnerability on <s:url> and <s:a> tags
  • S2-003XWork ParameterInterceptors bypass allows OGNL statement execution
  • S2-004Directory traversal vulnerability while serving static content