The Struts team is pleased to announce the release of Struts 1.2.8 for General Availability. This release is primarily to fix a Cross Site Scripting (XSS) vulnerability identified in Struts by www.hacktics.com and supersedes the earlier 1.2.7 version as the latest official release of Struts from The Apache Software Foundation.
For more information on the XSS Vulnerability and solutions please see the following pages: http://wiki.apache.org/struts/StrutsXssVulnerability http://www.hacktics.com/AdvStrutsNov05.html The binary, source and library distributions are available from the Struts download page: http://struts.apache.org/download.cgi The Release Notes are available on the Struts web site at: http://struts.apache.org/struts-doc-1.2.8/userGuide/release-notes.html Please check the wiki for the latest information on upgrading: http://wiki.apache.org/struts/StrutsUpgrade -- Niall Pemberton --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
