Shine

**Name of the Vulnerable Software and Affected Versions** Apache Struts versions 2.0.0 through 2.3.15.1 **Description** The issue is related to the implementation of the Dynamic Method Invocation (DMI) mechanism in Apache Struts, which is associated with access control deficiencies. Exploitation of this issue may allow a remote attacker to execute arbitrary code. **Recommendations** For Apache Struts versions 2.0.0 through 2.3.15.1, consider disabling Dynamic Method Invocation by default as a temporary workaround until a patch is available. Restrict access to sensitive methods and functions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.