The Apache Struts web framework has a critical vulnerability that could be exploited by attackers to take full control of the application. Security experts say all users of all versions of Struts should install the patch as quickly as possible. The Equifax breach demonstrates that Struts users may have days, at most, to patch flaws before attackers attempt to exploit them. Struts, of course, was the software tied to the massive breach of Equifax in March 2017 (see Equifax’s Colossal Error)”]
Source: https://www.cuinfosecurity.com/apache-struts-issues-emergency-patch-to-fix-critical-flaw-a-11412