Workiva does not utilize any version of Apache Struts and is therefore not vulnerable to the attacks described in CVE-2023-50164.
We will continue to monitor the situation and work closely with applicable third-party vendors to ensure that appropriate mitigations and/or updates have been deployed. If an impact is identified, we will notify impacted customers without undue delay.