wt., 22 lis 2022 o 11:53 Yew Hwa Ho <hoyew...@gmail.com> napisał(a): > > Hi Lukasz, > > Thank you for your reply. > > In the event that Tiles 3.0.8 in the current versions of Struts has CVE, > will the Struts team be providing the fixes for the CVE.
Do you refer to that https://devhub.checkmarx.com/cve-details/Cx78f40514-81ff/ ? If so, this is a vulnerability in a third-party library, which isn't used by Struts, which means the problem will be automatically addressed once Tiles gets merged into Struts code base. Regards -- Łukasz + 48 606 323 122 http://www.lenart.org.pl/ --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org