Hacker News new | ask | show | jobs
by cody8295 3204 days ago
>There was a critical vuln in the framework, and they failed to update their box for N months. But we're talking only a few months. N is very small -- maybe four?

The vulnerability was in Apache Struts and has existed for 9 years: https://arstechnica.com/information-technology/2017/09/equif...