VulnerabilitiesJan 19, 2026•3 min read
Apache Struts XXE Flaw Exposes Enterprise Apps to Data Theft
CVE-2025-68493 in the XWork component enables XML External Entity attacks that can leak files, perform SSRF, or crash systems. Patch to version 6.1.1.
Marcus Chen