TTCSIRT-159.090318: TT-CSIRT Advisory – Apache Security Updates

TTCSIRT-159.090318: TT-CSIRT Advisory – Apache Security Updates

Apache has released a security update stating that a vulnerability has been discovered in Apache Struts where it is possible for an attacker to perform a Remote Code Eexecution attack when the namespace value isn’t set for a result defined in certain underlying configurations.

Further information on this vulnerability and how it can be mitigated can be found on the Apache Website at https://cwiki.apache.org/confluence/display/WW/S2-057