Remote command execution
This package allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.
Advisories for Maven/Org.apache.struts/Struts2-Showcase package
2013
This package allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.