On March 6th, a new remote code execution (RCE) vulnerability in Apache Struts 2 was made public. This recent vulnerability, CVE-2017-5638, allows a remote attacker to inject operating system commands into a web application through the “Content-Type” header. Written in Java, Apache Struts 2 is the popular open source web application framework.
SMG does not use "Struts 2", which is the component identified in the vulnerability.
Subscribing will provide email updates when this Article is updated. Login is required.