Apache Struts 2.5.26 releases: fix RCE vulnerability
Struts, an open-source project sponsored by the Apache Software Foundation (ASF), was originally a subproject of the Jakarta project that became ASF’s premier project in March 2004. By adopting Java Servlet / JSP technology, it realizes the application framework of MVC design pattern based on Java EE Web application and is a classic product in MVC classic design pattern.
Apache Struts 2.5.26 has been released.
- Junit plugin does not push ACTION_MAPPING into the context resulting in NPE
- Struts2 StaticParametersInterceptor’s addParametersToContext method is not working as expected