Apache Struts Incomplete Fix Remote Code Execution Vulnerability
Apache Struts is prone to a remote code-execution vulnerability.
Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts may cause a denial-of-service condition.
Apache Struts 2.0.0 through 18.104.22.168 are vulnerable.
Note: This issue is the result of an incomplete fix for CVE-2016-0785 described in 85066 (Apache Struts CVE-2016-0785 Remote Code Execution Vulnerability).