A severe vulnerability has been detected in Apache Struts 2 framework. The vulnerability allows for full remote code execution and is actively being exploited in the wild.
- Apache Struts 2 and versions since 2008 [2.1.2 – Struts 2.3.33 and Struts 2.5 – Struts 2.5.12]
- Please patch as soon as possible to the latest version of Struts [v2.5.13]
- Contact firstname.lastname@example.org if you have any questions
- Regularly check Apache Struts Security Bulletins (https://cwiki.apache.org/confluence/display/WW/Security+Bulletins)