CVE-2016-8738: Improper Input Validation
(updated )
In Apache Struts, if an application allows entering a URL in a form field and the built-in URLValidator
is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL.
References
Detect and mitigate CVE-2016-8738 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →