Summary
Acunetix 360 detected that the web application is configured to use the Config Browser plugin. The Config Browser Plugin is a tool used to view the web application configuration at runtime. This plugin should be used only during development phase and access to it should be strictly restricted in production.
Impact
The Config Browser plugin is exposing sensitive information that could help an attacker to conduct further attacks.
Actions To Take
The Config Browser plugin can be disabled by removing the .jar file (usually named struts2-config-browser-plugin-*.jar) from WEB-INF/lib directory.