E-Billing 6.1, 6.2 Security vulnerabilities of Apache Struts CVE-2014-0112 and CVE-2014-0113
Last updated on APRIL 27, 2017
Applies to:Oracle Self-Service E-Billing Consumer Edition - Version 6.1 to 6.2 [Release 6]
Information in this document applies to any platform.
Is E-Billing 6.2 affected by Security vulnerabilities of Apache Struts CVE-2014-0112 and CVE-2014-0113?
CVE-2014-0113 - ClassLoader manipulation via CookieInterceptor when configured to accept all cookies.
Apache Struts 2 Documentation:
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms