A vulnerability (CVE-2021-31805) has been identified in Apache Struts. A remote attacker can exploit this vulnerability to trigger remote code execution on the targeted system. Vulnerability affects Apache Struts versions from 2.0.0 through 2.5.29. The vulnerability is fixed in Apache Struts version 2.5.30.

Source: apache.org