Apache Patches Critical RCE Vulnerability in Struts 2

December 11, 2023 at 07:48AM

The Apache Software Foundation released security updates addressing a critical file upload vulnerability in Struts 2, which could be exploited to execute arbitrary code remotely. Tracked as CVE-2023-50164, the flaw impacts Struts versions 2.0.0 to 2.3.37, 2.5.0 to 2.5.32, and 6.0.0 to 6.3.0. The vulnerability was patched in Struts versions …

The OWASP Top 10: What They Are and How to Test Them

November 15, 2023 at 10:04AM

The text discusses the significance of web application security and introduces the OWASP Top 10, which is a comprehensive resource highlighting the most critical security risks to web applications. The latest edition of the OWASP Top 10 is presented, along with testing strategies for each risk. Regular web application security …

Confidence in File Upload Security is Alarmingly Low. Why?

November 7, 2023 at 07:36AM

The OPSWAT 2023 Web Application Security report reveals that while 75% of organizations have modernized their infrastructure and 78% have increased their security budgets, only 2% are confident in their security posture. The shift to cloud-based and containerized web applications presents new security challenges, particularly in file upload security. The …