# Apache Struts CVE-2018-11776

[Blog post](https://lgtm.com/blog/apache_struts_CVE-2018-11776)

[This snapshot](https://downloads.lgtm.com/snapshots/java/apache/struts/apache-struts-7fd1622-CVE-2018-11776.zip) has the bug.

The queries in this directory are slightly simplified to make the demo easier to follow. As a result, they don't find as many variants as the query described in the blog post. The full query can be found [here](https://github.com/Semmle/SecurityQueries/blob/e5c2be7d5eec46cd5a4a8ebdbe8cb63be2e36665/semmle-security-java/queries/struts/cve_2018_11776/final.ql).

# Suggested workflow

* First run the [final query](https://github.com/Semmle/SecurityQueries/blob/e5c2be7d5eec46cd5a4a8ebdbe8cb63be2e36665/semmle-security-java/queries/struts/cve_2018_11776/final.ql).
** Show the result in the path viewer.
* Show how to build a similar query step by step.
** We will build a slightly simplified version of the query, so it won't find as many results, but it still finds one of the RCEs.