org.apache.struts:struts2-core is a popular open-source framework for developing web applications in the Java programming language.
Affected versions of this package are vulnerable to Remote Code Execution (RCE) via manipulation of file upload parameters that enable path traversal. Under certain conditions, uploading of a malicious file is possible, which may then be executed on the server.
More…Soon