NA – CVE-2017-9791 – The Struts 1 plugin in Apache Struts 2.3.x…

The Struts 1 plugin in Apache Struts 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/ddqCKLKUVE0/detail.php