The advisory indicates this affects Atlassian's build of xwork. Does this also affect the official build of xwork? I'm guessing not.
On Mon, Aug 5, 2013 at 5:23 PM, Martin Gainty <mgai...@hotmail.com> wrote: > so..to mitigate > > struts-2.0.9 + > > ? > Martin > > > > > > Date: Mon, 5 Aug 2013 14:37:24 -0400 > > Subject: FYI > > From: davelnew...@gmail.com > > To: dev@struts.apache.org > > > > I expect most of you already saw (or assumed) this, but just in case: > > > > > https://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2013-08-05 > > > > Oh OGNL. > > > > Dave > >
