I found one critical Vulnerabilities (97610 - Apache Struts 2.3.5 - 2.3.31 / 2.5.x < 188.8.131.52 Jakarta Multipart Parser RCE) in bamboo application. We tried to download struts2-core-2.5.20 .jar from apache strut site but its not working, even I tried from maven repository but no luck. So need help from this community to resolve my issue.
Application not started with struts2-core-2.5.20.jar file so I have to roll back with old file again to run application properly.
Bamboo : version 184.108.40.206 build 51314
File Location : /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/lib
File Name : struts2-core-2.5.1-atlassian-10.jar
Need greater version than 2.5.1
your version is over EOL so I think you have only two options.
Can you make upgrade?
G’day Community! As we gear up to introduce Bamboo Data Center to the world, we wanted to make sure that we shared a bit more about Bamboo, the product. Our team has put together an overview video ...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events