struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Anu Krishna Rajamohan <>
Subject Security Vulnerability for Struts 1.3.10 in Struts 2.x
Date Thu, 28 Apr 2016 22:34:38 GMT

As Apache Struts 1.x is pretty old and it suffers from many security
vulnerabilities, I decided to use a recent version of Apache Struts 2.x
(Struts However, I find that struts-core-1.3.10 jar is present
in struts 2.x. Can you please let me know if the presence of this jar makes
Struts 2.x vulnerable to security issues such as CVE-2012-1007

Thanks and Best Regards,

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message