Apache Struts Warns Users of Two-Year-Old Vulnerabilityby CyberAvalonNovember 6, 2018 Users must update their vulnerable libraries manually. Go to Source