The version of STAT 5.7.3 is currently using struts 2.3.20, but due to the recent security bulletin it's suggested to upgrade to Struts version 2.3.20.1.
When Stat will include the newer Stuts version or is it possible to adopt the workaround in struts to avoid the issue ?
The issue, included the workaround is documented at https://struts.apache.org/docs/s2-024.html
