Security researchers at lgtm.com have discovered a critical remote code execution vulnerability in Apache Struts — a popular open-source framework for developing web applications in the Java programming language. All versions of Struts since 2008 are affected; all web applications using the framework’s popular REST plugin are vulnerable. Users are advised to upgrade their Apache Struts components as a matter of urgency. This vulnerability has been addressed in Struts version 2.5.13.
Affected developers are urged to upgrade to Apache Struts version 2.5.13.
The flaw was reported to Apache Struts developers in July, with a patched version of the framework released today.
Apache Struts version 2.5.13 https://struts.apache.org/announce.html#a20170905
Dragonfly Technologies - Secure Solutions, Simplified
Whether its infrastructure, data or application security, Dragonfly has the technical expertise to assist you in protecting your organisation's most critical assets.
We protect Australia's most security conscious organisations.
For immediate assistance, contact our team on 1300 663 220 or online