"On March 6, 2017, Apache disclosed a vulnerability in the Jakarta multipart parser of Apache Struts could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability has been assigned CVE-ID CVE-2017-5638. " (Cisco Security Advisory)
Continue reading