Hi, I have used struts-1.2.9.jar in a project. I found *CVE-2014-0114* vulnerability in this jar. While looking for the possible solutions for these I found that Struts 1.x has had its End-Of-Life announcement one year ago but it is looking for a correction/mitigation for this issue. Below is the link.
http://mail-archives.apache.org/mod_mbox/struts-announcements/201404.mbox/%3C535F5F52.4040108%40apache.org%3E Can you please suggest me possible fix/alternates to get rid of this vulnerability. Thanks in advance! Ruchika
