Apologies, I am not java/apache expert in any way, I just use the pwm software on a windows 10 VM.

but is PWM affected with this Zero Day?

and PWM uses apache/java, and it logs IP's etc, so this could be affected PWM?

sigh, apologies, forgotten about the google group!