Apache Struts Exploit
stacksofplates last edited by stacksofplates
The vulnerability resides in what's known as the Jakarta file upload multipart parser, which according to official Apache Struts 2 documentation is a standard part of the framework and needs only a supporting library to function. Apache Struts versions affected by the vulnerability include Struts 2.3.5 through 2.3.31 and 2.5 through 2.5.10. Servers running any of these versions should upgrade to 2.3.32 or 126.96.36.199 immediately.