Security Update:The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Struts
Date and Time
Apache Struts users
The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Struts.
Advanced Users: For a complete description of the security advisory go to:
- Security Bulletins S2-057 at: http://mail-archives.us.apache.org/mod_mbox/www-announce/201811.mbox/<CAMopvkMo8WiP=fqVQuZ1Fyx=6CGz0Epzfe0gG5XAqP1wdJCoBQ%40mail.gmail.com>
- Struts 2.3.36 and prior
WHAT’S THE PROBLEM?
Exploitation of this vulnerability could allow an attacker to take control of an affected system.
HOW DO I PROTECT MY WEB SITE
- Upgrade to Struts 2.3.36and upgrade to the latest released version of Commons File Upload library, which is currently 1.3.3.
- IT Security - https://it.ucsf.edu/security