From 8a27af2016c7acc4b9aa461072168a23a52e0545 Mon Sep 17 00:00:00 2001 From: Felicity Chapman Date: Mon, 16 Sep 2019 17:50:28 +0100 Subject: [PATCH] Update remaining links to blog --- docs/language/ql-training/java/apache-struts-java.rst | 2 +- docs/language/ql-training/java/global-data-flow-java.rst | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/language/ql-training/java/apache-struts-java.rst b/docs/language/ql-training/java/apache-struts-java.rst index e873f37c12f0..7fcd2e003cdc 100644 --- a/docs/language/ql-training/java/apache-struts-java.rst +++ b/docs/language/ql-training/java/apache-struts-java.rst @@ -62,7 +62,7 @@ RCE in Apache Struts - Disclosed as `CVE-2017-9805 `__ -- Blog post: https://lgtm.com/blog/apache_struts_CVE-2017-9805 +- Blog post: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/ Finding the RCE yourself ======================== diff --git a/docs/language/ql-training/java/global-data-flow-java.rst b/docs/language/ql-training/java/global-data-flow-java.rst index b105c0823056..665899f84590 100644 --- a/docs/language/ql-training/java/global-data-flow-java.rst +++ b/docs/language/ql-training/java/global-data-flow-java.rst @@ -57,7 +57,7 @@ Code injection in Apache struts .. note:: - More details on the CVE can be found here: https://lgtm.com/blog/apache_struts_CVE-2018-11776 and + More details on the CVE can be found here: https://blog.semmle.com/apache-struts-CVE-2018-11776/ and https://github.com/Semmle/demos/tree/master/ql_demos/java/Apache_Struts_CVE-2018-11776 More details on OGNL can be found here: https://commons.apache.org/proper/commons-ognl/