The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field.
https://struts.apache.org/docs/s2-041.html
https://bugzilla.redhat.com/show_bug.cgi?id=1348253
http://www.securityfocus.com/bid/91278
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www-01.ibm.com/support/docview.wss?uid=swg21987854
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies: