Yes, I know this is embarassing, but my company still uses Struts 1.1...
because of a RAD6 dependency.

Somebody just mentioned that there is a security hole in Struts 1.1.
When I searched for it, I did find a reference to it in a pre-1.3
discussion, but no details. It seemed to be a vulnerability to a DOS
attack.

So, the question is: Did the security hole exist? If it did, was it
fixed in 1.1 or only in the more recent versions of Struts?

Bruno

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@(protected)
For additional commands, e-mail: user-help@(protected)