Ian Mangan, Associate Engineer, Author at Security Boulevard

Hot Topics

USENIX Security ’23 - Inductive Graph Unlearning
From DAST to dawn: why fuzzing is better solution | Code Intelligence
Scaling Application Security With Application Security Posture Management (ASPM)
Crunching Some Numbers on PHP Support
Google Chrome DBSC Protection Tested Against Cookie Attacks

Contrast Labs: Apache Struts CVE-2020-17530

Ian Mangan, Associate Engineer | December 18, 2020 | Contrast Assess, Contrast Protect, Vulnerabilities

On December 8, 2020, Apache published a security bulletin providing details for CVE-2020-17530, a forced double Object-Graph Navigation Language (OGNL) evaluation vulnerability in Apache Struts 2.0.0 to 2.5.25 that provides attackers arbitrary remote execution capabilities on a victim’s server. Using the corresponding proof of concept (POC), Contrast Labs was able ... Read More

AppSec Observer