edit-icon download-icon

[Vulnerability notice] Remote code execution vulnerability in Apache Struts s2-032

Last Updated: Apr 08, 2018

Vulnerability description

When the dynamic call is enabled for Struts2, attackers may remotely run code for attacking. For more information, see http://struts.apache.org/docs/s2-032.html.

Affected scope

Struts 2.3.20 - 2.3.28 (except 2.3.20.3 and 2.3.24.3)

How to fix

Thank you! We've received your feedback.