Apache Struts Update Patches Critical VulnerabilitiesSep 05, 2017, 13:00 (0 Talkback[s])
(Other stories by Sean Michael Kerner)
Apache Struts is a widely used Java framework that is embedded into many enterprise applications, which means that any vulnerabilities provide a potentially very large attack surface. Today the open-source Struts project announced its 2.5.13 update fixing three vulnerabilities.
The highest impact of the three issues is identified by the Struts project as CVE-2017-9805 and is a possible Remote Code Execution (RCE) attack vulnerability.