CVE-2025-66675 | Apache Struts up to 6.7.4/7.0.3/7.1.0 Multipart Request cleanup

A vulnerability identified as problematic has been detected in Apache Struts up to 6.7.4/7.0.3/7.1.0. Affected by this issue is some unknown functionality of the component Multipart Request Handler. Performing manipulation results in incomplete cleanup.

This vulnerability is cataloged as CVE-2025-66675. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More