XWork is an command-pattern framework that is used to power WebWork as well as other applications. XWork provides an Inversion of Control container, a powerful expression language, data type conversion, validation, and pluggable configuration.
Known vulnerabilities in the com.opensymphony:xwork package. This does not include vulnerabilities belonging to this package’s dependencies.Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
com.opensymphony:xwork is a generic command pattern framework. It forms the core of Struts 2.
Affected versions of this package are vulnerable to Arbitrary OGNL Statement Execution.
How to fix Arbitrary OGNL Statement Execution?