Interesting to also note that the "workaround" listed in the first announcement by the Apache Struts team was wrong. I followed the directions and my web application was still vulnerable. They have since updated it, but…
Interesting to also note that the "workaround" listed in the first announcement by the Apache Struts team was wrong. I followed the directions and my web application was still vulnerable. They have since updated it, but…