I am creating a web portal in java using Struts-2 framework. What are possible vulnerabilities in Java EE web portals and how can I can prevent my portal from them.Related links will be appreciated.
First you make yourself familiar with the top 10 web attacks: owasp top ten
Then you regularly check the published vulnerabilities for your framework: struts vulnerabilities
At some point there are tools which can automate parts of this.