Information from NEC Corporation

Vulnerability ID:JVN#72225922
Title:Apache Struts Validator allows to bypass input data validation
Status:Vulnerable, investigating

This is a statement from the vendor itself with no modification by JPCERT/CC.