ZDNet

Critical remote code execution flaw in Apache Struts exposes the enterprise to attack

The Apache Software Foundation has patched a critical security vulnerability which affects all versions of Apache Struts 2. Uncovered by researchers from cybersecurity firm Semmle, the security flaw ...
Dark Reading

Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2

A critical, stubborn new vulnerability in Apache Struts 2 may be under active exploitation already, and fixing it isn't as simple as downloading a patch. Struts 2 is an open source framework for ...