#StrutsVulnerability

New Critical RCE Vulnerability Discovered in Apache Struts 2 – Patch Now

by

December 12, 2023 at 01:00AM Apache has issued a critical security advisory for a flaw in Struts 2, a Java web application framework, potentially allowing remote code execution. Tracked as CVE-2023-50164, the flaw affects various versions, with patches available for some. No workarounds exist, and upgrades to versions 2.5.33 and 6.3.0.2 or higher are highly … Read more

Apache Patches Critical RCE Vulnerability in Struts 2

by

December 11, 2023 at 07:48AM The Apache Software Foundation released security updates addressing a critical file upload vulnerability in Struts 2, which could be exploited to execute arbitrary code remotely. Tracked as CVE-2023-50164, the flaw impacts Struts versions 2.0.0 to 2.3.37, 2.5.0 to 2.5.32, and 6.0.0 to 6.3.0. The vulnerability was patched in Struts versions … Read more