Apache has issued an advisory warning of a serious vulnerability in several versions of its Struts framework that can lead to remote code execution in some circumstances.
The flaw affects versions 2.0.0 through 2.5.20 and involves the way that Struts performs the evaluation of user input in tag attributes.
Read more at Decipher.
Comments