A zero-day vulnerability in Apache Struts 2, a web application development framework, has been exploited by hackers. The software allows attackers to craft a malicious Content-Type value within an HTTP request, which would cause the software to throw an exception. As a precaution, Canada shut down its tax-filing website, used for filing tax returns, as a precaution. Apache Software Foundation issued a patch for that flaw on March 8, advising users to update to Struts version 2.3.32 or 2.5.10.1.”]
Source: https://www.cuinfosecurity.com/canadian-agency-narrowly-avoids-breach-from-zero-day-flaw-a-9768