Apache Struts CVE-2016-4461 Input Validation Bypass Vulnerability
Description
The same issue was reported inS2-029but the proposed solutions were not fully proper.The Apache Struts frameworks when forced, performs double evaluation of attributes' values assigned to certain tags so it is possible to pass in a value that will be evaluated again when a tag's attributes will be rendered.
Affected Applications
Apache Struts