A critical remote code execution vulnerability affecting popular web application framework Apache Struts has been discovered. The vulnerability is in the core of the application and exists due to insufficient validation of user-provided untrusted inputs under certain configurations. This vulnerability is identified by CVE-2018-11776. This Remote Code Execution vulnerability poses a huge risk as the […]

Read More →

  Image Credit: Threatpost A critical remote code execution vulnerability has been recently discovered in the popular Apache Struts web application framework allowing a remote attacker to execute arbitrary code on any server running an application built using the affected Struts framework and the popular REST communication plugin. This flaw is due to an unsafe deserialization (Deserialization is […]

Read More →