No, rather no. You gain access to ClassLoader. 2014-03-06 16:43 GMT+01:00 Tim <tim-secur...@sentinelchicken.org>: > >> This release includes important security fixes: >> - S2-020 - ClassLoader manipulation via request parameters > > What is the ultimate impact of this manipulation? Another RCE bug? > > tim
--------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org