HTTP/2 200
server: Apache
last-modified: Sun, 14 Dec 2025 18:50:20 GMT
etag: "3035-645edf7644688-gzip"
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/ ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/ ; style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/ ; frame-ancestors 'self'; frame-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/ ; worker-src 'self' data: blob:;
content-type: text/html
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 2422
date: Thu, 25 Dec 2025 20:20:34 GMT
x-served-by: cache-hel1410021-HEL, cache-bom-vanm7210065-BOM
x-cache: HIT, HIT
x-cache-hits: 17, 0
x-timer: S1766694035.593515,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3645
Welcome to the Apache Struts project
Apache Struts
Apache Struts is a free, open-source, MVC framework for creating elegant,
modern Java web applications. It favors convention over configuration, is
extensible using a plugin architecture, and ships with plugins to support
REST, AJAX and JSON.
Apache Struts 7.1.1 GA
Apache Struts 7.1.1 GA has been released
Read more in
Announcement or in
Version notes
Apache Struts 6.8.0 GA
Apache Struts 6.8.0 GA has been released
Read more in
Announcement or in
Version notes
CVE-2025-64775 File leak in multipart request processing causes disk exhaustion (DoS)
Upgrade to Apache Struts 6.8.0 or 7.1.1 to mitigate the vulnerability.
Read more in the Announcement or in
the Security Bulletin S2-068
Google's Patch Reward program
During SFHTML5 Google announced that
they extend their program to cover the Apache Struts project as well. Now you can earn
money preparing patches for us!
read more
Apache Struts 2.5.x EOL
The Apache Struts Team informs about discontinuing support for Struts 2.5.x branch, we recommend migration
to the latest version of Struts, read more in
Announcement
Download
Technology Primer