Apache Struts

Apache Struts is a free, open-source, MVC framework for creating elegant, modern Java web applications. It favors convention over configuration, is extensible using a plugin architecture, and ships with plugins to support REST, AJAX and JSON.

Download

Technology Primer

Apache Struts 2.5.28.3 GA

Apache Struts 2.5.28.3 GA has been released
on 02 January 2022.

Read more in Announcement or in Version notes

Security Advice on Log4j 2.12.2/2.16.0

The Apache Struts Security team would like to announce that all the users using the latest Struts 2.5.x series should either upgrade to Apache Struts 2.5.28.1 which uses Log4j 2.12.2 version that addresses CVE-2021-45046 or upgrade Log4j to version 2.12.2 (when running on Java 1.7) or 2.16.0 (when running on Java 8+). Read more in Announcement

Google's Patch Reward program

During SFHTML5 Google announced that they extend their program to cover the Apache Struts project as well. Now you can earn money preparing patches for us! read more

Apache Struts 2.3.x EOL

The Apache Struts Team informs about discontinuing support for Struts 2.3.x branch, we recommend migration to the latest version of Struts, read more in Announcement

Apache Struts 2.3.37 GA

It's the latest release of Struts 2.3.x which contains the latest security fixes, released on 30 December 2018.
Read more in Announcement or in Version notes

Immediately upgrade commons-fileupload to version 1.3.3

The Apache Struts Team recommends to immediately upgrade your Struts 2 based projects to use the latest released version of Commons FileUpload library, which is currently 1.3.3. Announcement

Keep in touch:

IRC: #struts

Follow @TheApacheStruts