2011/8/9 Sridhar Vanukuri <[email protected]> > Hello, > > We are using struts2 and tiles 2.0.6 and we want to verify and see if we > need to update the tiles version if there are any cross site scripting(xss) > or remotes code execution issues identified with tiles 2.0.6. Early > response > is appreciated. > > Not that I am aware of, we had only one security problem with versions 2.1.0 and 2.1.1 (fixed in newer versions): http://tiles.apache.org/framework/security/security-bulletin-1.html However Tiles 2.0.x is no longer maintained, bugs won't be fixed, they will be fixed only in the 2.2.x branch.
Antonio
