Cisco's Talos security team announced it discovered attacks against a zero-day vulnerability in Apache Struts, which Apache patched on Monday.

All versions of Struts since 2008 are affected, said the researchers. Apache Struts is used across the Fortune 100 to provide web applications in Java, and it powers front- and back-end applications.

Struts is an open source MVC framework for creating modern Java web applications, and its widely used in enterprise environments, for both Intranets and public websites.

Struts 2 is an open-source coding framework and library for enterprise developers popular with developers and companies when creating Java-based applications.

Mo first reported the findings in April. By June, the Apache Struts team published the code which resolved the problem, leading to the release of official patches on August 22.