Canada Revenue Agency took its website offline over the weekend — a precautionary measure, officials said, while they dealt with an unspecified "internet vulnerability." ... we mean something called Apache Struts 2. It's a bunch of code that developers use to create web applications with the Java programming language.
This news is around a week old. Heres are the story from
CBC News
This is a report from the
Security Now Podcast #603 - (timecode 39:21). Some of the terminology isn't quite right, but still worth listening to.
Further information from NIST:
Vulnerability Summary for CVE-2017-5638