This module exploits a vulnerability in Apache Struts 2. The specific vulnerability happens when using the "includeParams" attribute in the URL or A tag. CVE Link CVE-2013-2115 CVE-2013-1966 Exploit Type Exploits OS Command Injection Known Vulnerabilities Product Name Impact