Apache has warned customers of a critical remote code execution (RCE) vulnerability in its popular Struts 2 framework.

Apache Struts 2 is an open-source web application framework for developing Java EE web applications. The new vulnerability, CVE-2023-50164, has been given a maximum severity rating and affects Struts 2.0.0-2.3.37 (EOL), Struts 2.5.0-2.5.32, and Struts 6.0.0-6.3.0. “An attacker can manipulate file upload parameters to enable path traversal and under some circumstances this can lead to