As Apache notes: "Using the old File Upload mechanism keeps you vulnerable to this attack." Despite web app developers often opting for different frameworks nowadays, Struts 2 remains widely popular.