Apache Struts 2 vulnerability and CafêX software (CVE-2017-5638)

CafêX has been made aware of serious vulnerability with Apache struts 2.
The vulnerability summary:
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before mishandles file upload, which allows remote attackers to execute arbitrary commands via a #cmd= string in a crafted Content-Type HTTP header, as exploited in the wild in March 2017.
More details at: 
CafêX does not use Apache Struts 2 and is not vulnerable to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5638
If you require further information please contact support@cafex.com.
Have more questions? Submit a request