Security experts urge enterprises using Apache Struts2 for Web applications to upgrade to 2.3.32 or 2.5.10.1. Cisco Talos disclosed an easily exploitable bug in all other versions of the open-source framework. The remotely executable flaw exists in something called the Jakarta Multipart Parser in Struts. Exploits for the flaw are already available in the wild and attackers are using them to actively look for and target vulnerable Web servers. In many cases, attackers are seeking to use the flaw to distribute malware, including DoS bots.

