Using QL to find a remote code execution vulnerability in Apache Struts | Dark Hacker News