CVE-2016-4431
CVE-2016-4431 affects Apache Struts 2.2.3.20–2.3.28.1, allowing remote attackers to bypass access restrictions and perform redirection via the default action method. Multiple connected advisories identify this as an in-the-wild risk in various IBM FlashSystem products and related Struts deploymen...