UPDATE:9/6/2017 – DocuSign and Apache Struts Security Alert Status
Apache issued a security alert on September 5, 2017 for Struts, an open source framework for creating Java web applications. The component performs unsafe deserialization and could lead to a remote code execution vulnerability.
DocuSign does not use Apache Struts within our DocuSign services or our Digital Transaction Management platform.
For more information, you can reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9805 or https://struts.apache.org/docs/s2-052.html.