The vulnerability of the implementation of the DefaultActionMapper mechanism in the Apache Struts software platform allows a perpetrator to execute arbitrary code.
The vulnerability of the DefaultActionMapper mechanism implemented by the Apache Struts software platform is related to insufficient cleaning of input data when processing parameters such as action:, redirect:, and redirectAction: prefix. Exploiting this vulnerability allows an attacker to execut...