The host is installed with Apache Struts 2.0.x before 2.5.33, or 6.0.x before 6.3.0.2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle issue in the file upload params. Successful exploitation could allow attackers to manipulate file upload params to enable path traversal and under some circumstances this can lead to uploadi ...