The latest version of Apache Struts 2 addresses several vulnerabilities, including a critical remote code execution flaw for which an exploit was created within hours after the release of a patch.
Article Link: http://feedproxy.google.com/~r/Securityweek/~3/nGzoXYzq4-M/exploit-available-critical-apache-struts-vulnerability