Cybersecurity researchers have identified a significant risk with outdated Apache Struts versions, especially involving CVE-2025-68493, a flaw discovered by an autonomous AI system. The vulnerability allows attackers to cause system crashes through crafted input, putting many organizations at risk.
Key points
- There has been a surge in downloads of outdated Apache Struts versions with a critical flaw.
- The flaw, CVE-2025-68493, involves unsafe XML parsing in the XWork component.
- Attackers can exploit the vulnerability by sending crafted input to cause system crashes.
- Over 387,000 downloads included unsupported, end-of-life versions, increasing the risk.
- Only about 1.8% of downloads used the secure, patched version 6.1.1, highlighting a widespread security gap.
Read More: https://hackread.com/years-old-vulnerable-apache-struts-2-downloads/