Apache Struts includeParams Remote Code Execution Exploit

Apache Struts 2 before allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. This module leverages the vulnerability to install an agent in vulnerable installation.
Exploit type: 
Vulnerabilty ID: 
Product Version: 
Released Date: 
Thursday, September 18, 2014 - 00:00