Atlassian · Confluence · CVE-2023-41835
**Name of the Vulnerable Software and Affected Versions**
Apache Struts versions prior to 2.5.32
Apache Struts versions prior to 6.1.2.2
Apache Struts versions prior to 6.3.0.1
Confluence Data Center versions from 7.17.0 to 8.8.0 (excluding 8.8.0)
Confluence Data Center versions from 8.0.0 to 8.0.4
Confluence Data Center versions from 8.1.0 to 8.1.4
Confluence Data Center versions from 8.2.0 to 8.2.3
Confluence Data Center versions from 8.3.0 to 8.3.4
Confluence Data Center versions from 8.4.0 to 8.4.5
Confluence Data Center versions from 8.5.0 to 8.5.4
Confluence Data Center versions from 8.6.0 to 8.6.1
Confluence Data Center versions from 8.7.0 to 8.7.1
Confluence Server versions from 7.17.0 to 8.5.4
Confluence Server versions from 8.0.0 to 8.0.4
Confluence Server versions from 8.1.0 to 8.1.4
Confluence Server versions from 8.2.0 to 8.2.3
Confluence Server versions from 8.3.0 to 8.3.4
Confluence Server versions from 8.4.0 to 8.4.5
**Description**
When a multipart request is submitted but some of its fields exceed the maxStringLength limit, the uploaded files remain in struts.multipart.saveDir even though the request has been denied. This issue may allow an unauthenticated attacker to expose assets in the environment susceptible to exploitation, with no impact to confidentiality, no impact to integrity, and high impact to availability.
**Recommendations**
Upgrade Apache Struts to version 2.5.32 or greater.
Upgrade Apache Struts to version 6.1.2.2 or greater.
Upgrade Apache Struts to version 6.3.0.1 or greater.
Upgrade Confluence Data Center to version 8.8.0 or greater.
Upgrade Confluence Data Center to version 8.5.6 LTS or greater.
Upgrade Confluence Server to version 8.5.6 LTS or greater.
As a temporary workaround, consider restricting access to the struts.multipart.saveDir directory to minimize the risk of exploitation.
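A defender-side check for the leftover files described above, added here as an example that is not part of Atlassian's or Apache's own tooling: it scans struts.multipart.saveDir for temporary uploads older than a threshold and reports or removes them, giving a concrete signal for the availability impact alongside the access-restriction workaround. The file name pattern upload_*.tmp and the demo directory contents are assumptions; adjust the pattern to what your saveDir actually shows.

```python
import os
import tempfile
import time
from pathlib import Path

# Assumption: temp uploads in saveDir are named upload_*.tmp.
PATTERN = "upload_*.tmp"


def find_orphaned_uploads(save_dir, max_age_seconds, now=None):
    """Return [(path, size_bytes, age_seconds)] for temp uploads in save_dir
    older than max_age_seconds. A request that completes normally cleans its
    temp files up within seconds, so anything much older is a leftover from
    a rejected request (the CVE-2023-41835 case) or another failure."""
    now = time.time() if now is None else now
    orphans = []
    for path in Path(save_dir).glob(PATTERN):
        if path.is_file():
            st = path.stat()
            age = now - st.st_mtime
            if age > max_age_seconds:
                orphans.append((str(path), st.st_size, age))
    return orphans


def sweep_orphaned_uploads(save_dir, max_age_seconds, delete=False, now=None):
    """Report (and, with delete=True, remove) orphaned uploads.
    Returns a summary dict suitable for feeding into monitoring/alerting."""
    orphans = find_orphaned_uploads(save_dir, max_age_seconds, now)
    removed = 0
    for path, _size, _age in orphans:
        if delete:
            os.remove(path)
            removed += 1
    return {"orphan_count": len(orphans),
            "orphan_bytes": sum(size for _p, size, _a in orphans),
            "removed": removed}


def build_demo_dir(now=None):
    """Constructed sample saveDir: one in-flight upload (5 s old), two stale
    leftovers (1 h and 1 d old) and one unrelated file that must be ignored."""
    now = time.time() if now is None else now
    d = Path(tempfile.mkdtemp(prefix="saveDir_demo_"))
    for name, size, age in (("upload_1.tmp", 10, 5),
                            ("upload_2.tmp", 2048, 3600),
                            ("upload_3.tmp", 4096, 86400)):
        p = d / name
        p.write_bytes(b"A" * size)
        os.utime(p, (now - age, now - age))  # back-date the mtime
    (d / "notes.txt").write_text("not an upload")
    return str(d)


if __name__ == "__main__":
    # Dry run against the constructed directory; pass delete=True to clean up.
    print(sweep_orphaned_uploads(build_demo_dir(), max_age_seconds=600))
```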