Ars Technica

Serving xml files in a java/struts webapp?

I'm no Struts expert, but my guess is that Struts adds a Servlet Mapping for anything in the context that ends in .xml.
PC World

Oracle fixes Struts and Shadow Brokers exploits in huge patch release

Oracle has released a record 299 security fixes for vulnerabilities in its products, including patches for a widely exploited vulnerability in the Apache Struts framework and a Solaris exploit ...
PC World

Apache Struts security update fixes critical vulnerabilities

The Apache Software Foundation has released Struts 2.3.15.1, a security update for its popular Java Web application development framework that addresses two vulnerabilities, including a critical one ...
Bleeping Computer

Apache Struts Zero-Day Exploited in the Wild

Cisco's Talos security team announced it discovered attacks against a zero-day vulnerability in Apache Struts, which Apache patched on Monday. According to its website, "Apache Struts is a free, ...
Dark Reading

New Apache Struts Vulnerability Leaves Major Websites Exposed

Remember last year's Equifax hack? It involved an exploit of a vulnerability in Apache Struts. Yesterday, news came of a new vulnerability in the open source Web framework, one that some people are ...