Is APM Affected by the Apache Struts 2 CVE-2017-5638 vulnerability?