API Portal and Java vulnerability (CVE-2018-2942)