CVE-2013-2134

Name of the Vulnerable Software and Affected Versions Apache Struts versions prior to 2.3.14.3

Description The issue is related to the implementation of the OGNL (Object-Graph Navigation Language) expression language class in the Apache Struts platform, which is associated with incorrect code generation management. Exploitation of this issue may allow a remote attacker to execute arbitrary code by sending a specially crafted request.

Recommendations For versions prior to 2.3.14.3, update to version 2.3.14.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the OGNL expression language class to minimize the risk of exploitation.