Apache Struts 2.x < 220.127.116.11 Multiple Critical Vulnerabilities (S2-008)
Critical Nessus Plugin ID 117404
SynopsisA web application running on the remote host uses a Java framework
that is affected by multiple critical vulnerabilities.
DescriptionThe version of Apache Struts running on the remote host is 2.x
prior to 18.104.22.168. It, therefore, is affected by multiple critical
vulnerabilities, including a possible remote command execution
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
SolutionUpgrade to Apache Struts version 22.214.171.124 or later