Apache has released a security update to address a vulnerability in Apache Struts. A remote attacker could exploit the vulnerabilities by sending a specially crafted request to the affected systems.
A successful exploitation could lead to remote code execution on an affected system.
Administrators of the affected systems should upgrade the Apache Struts to current version 2.5.28.3 to address the issues. The update is available at:
https://struts.apache.org/download.cgi
Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risks.