The Apache Struts 2 framework is used extensively to build web applications. This framework has also been the victim of several vulnerabilities that dramatically affect users all over the world. Last year, Equifax was famously the victim of a vulnerability of the Apache Struts framework and, when they didn't implement the recommended patches, it cost them over $600 Million. Well, a new (even worse) vulnerability has been found on the Struts 2 framework. It's a Remote Code Execution vulnerability whereby an attacker can take control of your web server. In this video, John explains this new vulnerabilty and highlights some ways to keep your applications safe from attacks. Enjoy!
