2

We have a project that was developed using Struts-1.2.4 version. As this version has some security vulnerabilities, we are planning to adopt a new version in 1.x only(not Struts 2 as Struts 2 is a complete new stuff). What's the version in Struts 1.x which has no security vulnerabilities and best one to go with?

Thanks, Sunil

Sunil
  • 59
  • 1
  • 5

1 Answers1

0

If you check the vulnerability database, you will find all the 1.x versions are having few at least. Better to update to a version like 2.3.34 or never by putting some effort to the code base.

https://www.cvedetails.com/version-list/45/6117/3/Apache-Struts.html?sha=0fb43196be9e95bac47800de1a8f1497abbfb376&order=1&trc=154

vidulahasaranga
  • 78
  • 5