A vulnerability in Apache Struts, can allow an attacker to send HTTP requests and achieve remote code execution on the server, i.e. the attacker attains the privilege of running any code in the environment that the web server is running. A proof-of-concept (PoC) exploit has been found to be available in the public domain.