Posted on

Apache Struts up to 2.0.33/2.5.10 Freemarker Tag privilege escalation

A vulnerability, which was classified as critical, has been found in Apache Struts up to 2.0.33/2.5.10 (Programming Tool Software). This issue affects an unknown functionality of the component Freemarker Tag Handler. Upgrading eliminates this vulnerability. A possible mitigation has been published even before and not after the disclosure of the vulnerability.