This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
On April 24, 2014, the Struts developers announced that all versions of Struts prior to 18.104.22.168 are vulnerable to a serious security issue.
There is also a serious issue with the version of Apache FileUpload included with previous versions of Struts.
Upgrade to Struts 22.214.171.124 as soon as possible.
S2-021 Improves excluded params to avoid ClassLoader manipulation via ParametersInterceptor
S2-021 Adds excluded params to CookieInterceptor to avoid ClassLoader manipulation when the interceptors is configured to accept all cookie names (wildcard matching via "*")