Security Alert (A23-09-16): Vulnerability in Apache Struts
20 September 2023
The Apache Software Foundation has released the security bulletins to address the vulnerability in Apache Struts. A remote attacker could exploit the vulnerability by sending a specially crafted request to the affected systems.
Apache Struts 2.x prior to version 2.5.32
Apache Struts 6.1.x prior to version 22.214.171.124
Apache Struts 6.3.x prior to version 126.96.36.199
Successful exploitation of the vulnerability could lead to denial of service on an affected system.
Administrators of the affected systems should upgrade the Apache Struts to current versions 2.5.32, 188.8.131.52 or 184.108.40.206 to address the issue. The updates are available at: https://struts.apache.org/download.cgi