Null Value Denial of Service Vulnerability in Apache Struts 2

Null Value Denial of Service Vulnerability in Apache Struts 2

CVE-2016-4465 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field.

Learn more about our Cis Benchmark Audit For Apache Http Server.