Remember seeing this, a maintained version of Struts 1. Might be work a look.
https://github.com/weblegacy/struts1 On Thu, 19 Oct 2023 at 17:45, Alan F <shiva...@hotmail.com> wrote: > I am looking at security steps to mitigate issues with a 1.x Struts based > app. > > I have recommended the following until an upgrade resource is available > > Remove application from current shared datasource > Remediate high risk CVE scored vulnerabilities (x4 with high EPSS rating) > Reduce exposure to internal audience. > Create new db and instance for above isolated datasource > > Would you take it further and ensure this runs on it's own separate Tomcat > instance? > Any other recommendations? > > > >