There is a vulnerability in the way Apache Struts 2 cookieinterceptor disallows certaincookie names that can allow an attacker to manipulate session and requestrelated attributes.
There is a vulnerability in the way Apache Struts 2 cookieinterceptor disallows certaincookie names that can allow an attacker to manipulate session and requestrelated attributes.