The Apache Software Foundation has released a security update to address a vulnerability in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system.
US-CERT encourages users and administrators to review the Apache Security Bulletin and Vulnerability Note VU#112992 and upgrade to Struts 2.5.13 or 2.3.34.
This product is provided subject to this Notification and this Privacy & Use policy.