Improper Output Neutralization For Logs
org.apache.struts, struts-extras is vulnerable to Improper Output Neutralization for Logs. The vulnerability is due to LookupDispatchAction printing untrusted input to logs without filtering, which allows an attacker to craft input that injects misleading log entries, potentially confusing human ...