[Owasp-leaders] Struts2 security gap analysis
arshan.dabirsiaghi at aspectsecurity.com
Tue Apr 14 15:09:28 EDT 2009
Over the last month or so, the Intrinsic Security Working Group (ISWG) has been performing a gap analysis of the Struts2. The purpose of the work was not to find vulnerabilities in Struts2, but rather to find out how easy or possible it is to write a secure application within the framework.
Here is the draft which has been barely proofread. We're looking for comments, flames, etc.:
We're hoping to publish with feedback by the end of the week.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 3830 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-leaders/attachments/20090414/3fb33e37/attachment.bin
More information about the OWASP-Leaders