Source: Sophos Naked Security by Paul Ducklin Update. The Struts 2.3 and 2.5 versions now both have official patches. We have updated our advice below accordingly. [2017-09-07T11:00Z] It seems only yesterday - in fact, it was six months ago - that we wrote about a nasty security hole in Apache Struts. Unfortunately, it's time for déjà vu all over again, with a similar sort... Read More »
