These are the notes for the Struts 220.127.116.11 distribution.
For prior notes in this release series, see Version Notes 18.104.22.168
- If you are a Maven user, you might want to get started using the Maven Archetype.
- Another quick-start entry point is the blank application. Rename and deploy the WAR as a starting point for your own development.
- There is huge number of examples you can also use as a starting point for you application here
You can also use Struts Archetype Catalog like below
- Forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution, read more details in S2-029
- Possible RCE vulnerability in
XSLTResultwas fixed, read more details in S2-031
- Prevents execution of chained expressions based on new
isSequenceflag introduce in appropriated OGNL versions, it's related to S2-032