Apache Struts
Apache Struts is a free, open-source, MVC framework for creating elegant, modern Java web applications. It favors convention over configuration, is extensible using a plugin architecture, and ships with plugins to support REST, AJAX and JSON.
Download
Technology Primer
Google's Patch Reward program
During SFHTML5 Google announced that they extend their program to cover the Apache Struts project as well. Now you can earn money preparing patches for us! read more
Apache Struts 2.5.17 GA
Apache Struts 2.5.17 GA has been released
on 22 August 2018.
Apache Struts 2.3.35 GA
It's the latest release of Struts 2.3.x which contains the latest security fixes,
released on 22 August 2018.
Read more in Announcement or in
Version notes
Immediately upgrade commons-fileupload to version 1.3.3
The Apache Struts Team recommends to immediately upgrade your Struts 2 based projects to use the latest released version of Commons FileUpload library, which is currently 1.3.3. Announcement
Apache Struts Extras GA
The Struts Extras secure Multipart plugins General Availability - versions 1.1, use them to secure your application against critical security vulnerability reported in S2-045, S2-046, read more in Announcement or in README
Immediately upgrade to version 2.5.17 or 2.3.35
The Apache Security Struts Team recommends to immediately upgrade your Struts 2 based projects to use the latest released version of the Apache Struts to prevent possible RCE attack when using results with no namespace, reported in S2-057. Read more in Announcement.