Apache Struts2 'XWork' Information Disclosure Vulnerability

Summary
This host is running Apache Struts and is prone to information disclosure vulnerability.
Impact
Successful exploitation will allow attackers to obtain potentially sensitive information about internal Java class paths via vectors involving an s:submit element and a nonexistent method, Impact Level: Application.
Solution
Upgrade to Struts version 2.2.3 or later For updates refer to http://struts.apache.org/download.cgi
Insight
The flaw is due to error in XWork, when handling the 's:submit' element and a nonexistent method, which gives sensitive information about internal Java class paths.
Affected
XWork version 2.2.1 in Apache Struts 2.2.1
References