Hey, we are wondering why struts params interceptor excludes
^application\..* as a parameter?To what kind of vulernatbilities would we open our applications if we allow parameters starting with application to be set by struts?
Thank you and best Fabian
smime.p7s
Description: S/MIME Cryptographic Signature
