The Apache Software Foundation has released security updates to address a vulnerability in Struts 2. Apache Struts 2 is an open-source web application framework for developing Java EE web applications. A remote attacker could exploit this vulnerability to take control of an affected system.
Administrators of an affected system are encouraged to review the Apache Security Bulletin and upgrade to Struts 2.3.32 or Struts 220.127.116.11. Please contact the Technology Help Desk at 412-624-HELP  if you have any questions about this announcement or need assistance.