CVE-2013-4316

Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors.

Date published : 2013-09-30

http://www.securityfocus.com/bid/64758

http://archives.neohapsis.com/archives/bugtraq/2013-09/0107.html