Full title: Apache Struts 2.5 < 2.5.12 - REST Plugin XStream Remote Code Execution Exploit 
Category: remote exploits
Platform: linux
Apache Struts versions 2.5 through 2.5.12 using the REST plugin are vulnerable to a Java deserialization attack in the XStream library.

# 0day.today @ http://0day.today/