---

Apache Struts Update Patches Critical Vulnerabilities

Apache Struts is a widely used Java framework that is embedded into many enterprise applications, which means that any vulnerabilities provide a potentially very large attack surface. Today the open-source Struts project announced its 2.5.13 update fixing three vulnerabilities.

The highest impact of the three issues is identified by the Struts project as CVE-2017-9805 and is a possible Remote Code Execution (RCE) attack vulnerability.