Remote Code Execution (RCE)

org.apache.struts: struts2-core is vulnerable to Remote Code Execution. The vulnerability is due to the HttpParameters class in HttpParameters.java failing to sanitize parameters with different cases. The remove , get and contains methods treat parameters with different character cases as unique...