struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Zoran Avtarovski <>
Subject K8 Struts2 Exploit
Date Tue, 30 Jul 2013 05:40:33 GMT
I've just found a number of new jsp pages on a web app we developed.

There was a text file relating to the K8 Struts2 Exploit. We contacted the
client and updated the files, but I'd like to know if anybody has further
information about this exploit.

Basically do we tell the client to wipe the server and reinstall everything
or is the update to the web app enough.


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message