Critical Apache Struts 2 Flaw Could Let Attackers Steal Sensitive Data

A newly disclosed vulnerability in Apache Struts 2’s XWork component could expose sensitive data and open the door to denial‑of‑service and server‑side request forgery…