all InfoSec news
Recently-patched Apache Struts vulnerability used in worldwide attacks
Malware Analysis, News and Indicators - Latest topics malware.news
Attackers are exploiting a critical vulnerability in Apache Struts 2 that was patched recently. Struts is a very popular open source platform to develop applications and websites.
On December 7, 2023, Apache announced versions 6.3.0.2 and 2.5.33 of Struts were now available to address a potential security vulnerability listed as CVE-2023-50164.
The vulnerability affects Apache Struts versions:
- 2.0.0 through 2.5.32
- 6.0.0 through 6.3.0.1
- 2.0.0 through 2.3.37 (EOL, no longer supported)
The vulnerability that has a CVSS score of 9.8 …
address apache apache struts applications attackers attacks critical critical vulnerability cve cve-2023-50164 december exploiting open source platform popular security security vulnerability struts struts 2 vulnerability websites