Apache Software Foundation Releases Security Update

Last Revised

The Apache Software Foundation has released a security update to address a vulnerability in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system.

US-CERT encourages users and administrators to review the Apache Security Bulletin and Vulnerability Note VU#112992 and upgrade to Struts 2.5.13 or 2.3.34.

This product is provided subject to this Notification and this Privacy & Use policy.