IBM WebSphere Portal Apache Struts ClassLoader Manipulation RCE
High Nessus Plugin ID 77535
SynopsisThe remote Windows host has web portal software installed that is affected by a remote code execution vulnerability.
DescriptionThe version of IBM WebSphere Portal on the remote host is affected by a remote code execution vulnerability in the Apache Struts ClassLoader. A remote attacker can exploit this issue by manipulating the 'class' parameter of an ActionForm object to execute arbitrary code.
SolutionApply the appropriate patches listed in the advisory.