THREAT OPS › Threat News › [NVD] CVE-2025-68493 (HIGH 8.1) — Missing XML Validation vulnerability in Apache Struts, Apache Struts.
This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0.
Users are recommended to upgrade to version 6.1.1, which fixes the issue.
[NVD] CVE-2025-68493 (HIGH 8.1) — Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0. Users are recommended to upgrade to version 6.1.1, which fixes the issue.
CVE-2025-68493 CVSS: 8.1 HIGH Published: 2026-01-11T13:15:45.610
Missing XML Validation vulnerability in Apache Struts, Apache Struts.
This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0.
Users are recommended to upgrade to version 6.1.1, which fixes the issue.
Indicators of compromise
- CVE-2025-68493cve
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-68493