A critical software vulnerability with wide-reaching impact on applications across the globe was disclosed by Apache on December 9, 2021. Since the disclosure, the Ouriginal team (part of the Turnitin family) has been investigating and mitigating the impact of the vulnerability. We have implemented Apache’s latest recommended remediation. Please be assured that we are monitoring our system and have no known exploitations of the vulnerability.