Struts Lücke

Das gibt noch mehr Leaks, wenn nicht nur IRC-Bouncer installiert werden.

“Many of those apps may be essentially abandoned,” Bright wrote. “The earliest affected version of Struts was released in October 2012, and I bet that there’s plenty of apps developed since then that are ‘finished’. They’re still used and deployed, but they’re not receiving ongoing maintenance; their developers have moved on to other projects, or even other companies.”

arstechnica.com