The Apache Software Foundation has released a security advisory to address a vulnerability (CVE-2024-53677) in multiple versions of Apache Struts. A remote attacker could exploit this vulnerability to trigger remote code execution on an affected system. These issues affect Apache Struts:

• Struts 2.0.0 — Struts 2.3.37 (EOL)

• Struts 2.5.0 — Struts 2.5.33 (EOL)

• Struts 6.0.0 — Struts 6.3.0.2

More information on vulnerabilities and update is available in the Apache’s release note – apache.org