Apache Struts CVE-2013-1965 Code Injection Vulnerability
Description
OGNL provides, among other features, extensive expressionevaluation capabilities.A request that included a specially crafted request parameter could be used to inject arbitrary OGNL code into a property, afterward used as request parameter of a redirect address, which will cause a further evaluation.
Affected Applications
Apache Struts