Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.Apache Struts is an open-source web development framework for Java web applications.
It’s widely used to build corporate websites in sectors including education, government, financial services, retail and media.[ Deep Dive: How to rethink security for the new world of IT. | Discover how to secure your systems with InfoWorld’s Security Report newsletter. ]
On Monday, the Apache Struts developers fixed a high-impact vulnerability in the framework’s Jakarta Multipart parser. Hours later, an exploit for the flaw appeared on Chinese-language websites and this was almost immediately followed by real-world attacks, according to researchers from Cisco Systems.To read this article in full or to leave a comment, please click here

Leave a Reply