PC World

Oracle fixes Struts and Shadow Brokers exploits in huge patch release

Oracle has released a record 299 security fixes for vulnerabilities in its products, including patches for a widely exploited vulnerability in the Apache Struts framework and a Solaris exploit ...
Ars Technica

Serving xml files in a java/struts webapp?

I'm no Struts expert, but my guess is that Struts adds a Servlet Mapping for anything in the context that ends in .xml.
Threat Post

Apache Warns of Faulty Zero Day Patch for Struts

UPDATE – The Apache Software Foundation will re-issue at patch for a ClassLoader manipulation zero-day vulnerability in Struts. The fix is expected to be ready within 72 hours; a workaround is ...
eWeek

Apache Struts Vulnerability Under Attack

AI thrives on data but feeding it the right data is harder than it seems. As enterprises scale their AI initiatives, they face the challenge of managing diverse data pipelines, ensuring proximity to ...
Bleeping Computer

Apache Struts Zero-Day Exploited in the Wild

Cisco's Talos security team announced it discovered attacks against a zero-day vulnerability in Apache Struts, which Apache patched on Monday. According to its website, "Apache Struts is a free, ...
Bleeping Computer

Hackers are exploiting critical Apache Struts flaw using public PoC

Hackers are attempting to leverage a recently fixed critical vulnerability (CVE-2023-50164) in Apache Struts that leads to remote code execution, in attacks that rely on publicly available ...
Dark Reading

Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2

A critical, stubborn new vulnerability in Apache Struts 2 may be under active exploitation already, and fixing it isn't as simple as downloading a patch. Struts 2 is an open source framework for ...