Attackers actively exploiting Apache Struts Vulnerability (September 1, 2018)

An OGNL vulnerability (CVE-2018-11776) has been discovered in Apache Struts 2. This is due to incorrect evaluation of the namespace component of a URL as an OGNL expression. This is exposed on servers running Struts under certain configurations. This can be exploited by sending a specially crafted request to the target server. Successful exploitation will allow an…Learn More