Mac Developer: Exploit goes public for severe bug affecting high-impact sites | Ars Technica
Exploit goes public for severe bug affecting high-impact sites | Ars Technica: "The critical vulnerability is located in Apache Struts 2, an open-source framework that large numbers of enterprise-grade organizations use to develop customer-facing Web applications. The bug, which has been active since 2008, allows end users to execute malicious code or commands by plugging maliciously modified data into search boxes or similar features hosted on the site."
Not invented here syndrome may have some unexpected benefits.
Labels: security exploit, security fix, security flaw