This host is running Apache Struts2 and is prone to redirection and security bypass vulnerabilities.
Successful exploitation will allow remote attacker to execute arbitrary arbitrary Java code via OGNL (Object-Graph Navigation Language) or redirect user to a malicious url.
Upgrade to Apache Struts 2 version 126.96.36.199 or later, For updates refer to http://struts.apache.org
Flaws are due to improper sanitation of 'action:', 'redirect:', and 'redirectAction:' prefixing parameters before being used in DefaultActionMapper.
Apache Struts 2.0.0 to 2.3.15
Send an expression along with the redirect command via HTTP GET request and check whether it is redirecting and solve the expression or not.
Updated on 2015-03-25