A critical vulnerability in Apache Struts 2 is under active exploitation, prompting security researchers to urge users to apply patches or update to the latest version.
The vulnerability, tracked as CVE-2024-53677, has a severity score of 9.5/10 and can enable remote code execution and data theft.
Apache has released a patch for the flaw, but a proof-of-concept exploit has also been made publicly available, raising concerns.
The attack surface is significant because Struts 2 is widely used, with approximately 300,000 monthly requests, which increases the risk of exploitation.