Skip to content

Latest commit

 

History

History
14 lines (9 loc) · 1.05 KB

File metadata and controls

14 lines (9 loc) · 1.05 KB

Apache Struts CVE-2018-11776

Blog post

This snapshot has the bug.

The queries in this directory are slightly simplified to make the demo easier to follow. As a result, they don't find as many variants as the query described in the blog post. The full query can be found here.

Suggested workflow

  • First run the final query. ** Show the result in the path viewer.
  • Show how to build a similar query step by step. ** We will build a slightly simplified version of the query, so it won't find as many results, but it still finds one of the RCEs.