Cisco's Talos security team announced it discovered attacks against a zero-day vulnerability in Apache Struts, which Apache patched on Monday.

Struts is an open source MVC framework for creating modern Java web applications, and its widely used in enterprise environments, for both Intranets and public websites.

All versions of Struts since 2008 are affected, said the researchers. Apache Struts is used across the Fortune 100 to provide web applications in Java, and it powers front- and back-end applications.

Struts 2 is an open-source coding framework and library for enterprise developers popular with developers and companies when creating Java-based applications.