Severity: important Affected versions:
- Apache Struts (com.opensymphony:xwork) 2.0.0 before 2.2.1 - Apache Struts (org.apache.struts.xwork:xwork-core) 2.2.1 through 6.1.0 Description: Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0. Users are recommended to upgrade to version 6.1.1, which fixes the issue. References: https://cwiki.apache.org/confluence/display/WW/S2-069 https://struts.apache.org/ https://www.cve.org/CVERecord?id=CVE-2025-68493 --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
