Four in five Apache Struts 2 downloads are for versions featuring critical flaw

December 21, 2023 at 09:20AM

Sonatype reports low adoption of fixed versions of Struts 2 despite a critical RCE vulnerability (CVE-2023-50164) in the framework’s file upload feature. The fix is simple: use updated Struts versions. Because the flaw is being actively exploited and attacks are easy to automate, Sonatype urges immediate upgrades to mitigate potential risks and emphasizes vigilant maintenance …