You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
Next: Root
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
Hi Team,
I found one critical Vulnerabilities (97610 - Apache Struts 2.3.5 - 2.3.31 / 2.5.x < 2.5.10.1 Jakarta Multipart Parser RCE) in bamboo application. We tried to download struts2-core-2.5.20 .jar from apache strut site but its not working, even I tried from maven repository but no luck. So need help from this community to resolve my issue.
Application not started with struts2-core-2.5.20.jar file so I have to roll back with old file again to run application properly.
Bamboo : version 5.13.0.1 build 51314
File Location : /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/lib
File Name : struts2-core-2.5.1-atlassian-10.jar
Need greater version than 2.5.1
Hi,
your version is over EOL so I think you have only two options.
Can you make upgrade?
HI Petr,
Thanks for quick reply
I need to check if i can upgrade.
Regards,
Jitendra
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.