ID CVE-2006-1548 Type cve Reporter cve@mitre.org Modified 2017-07-20T01:30:00
Description
Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting error message.
{"osvdb": [{"lastseen": "2017-04-28T13:20:21", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 1.2.9 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Manual Testing Notes\nhttp://[target]:8988/[path]/browse.do?act=%3CSCRIPT%3Ealert(%22XSS%22);%3C/SCRIPT%3E&select=1177281\n## References:\nVendor URL: http://struts.apache.org/\nVendor Specific News/Changelog Entry: http://issues.apache.org/bugzilla/show_bug.cgi?id=38749\nVendor Specific News/Changelog Entry: http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html\nSecurity Tracker: 1015856\n[Secunia Advisory ID:20117](https://secuniaresearch.flexerasoftware.com/advisories/20117/)\n[Secunia Advisory ID:19493](https://secuniaresearch.flexerasoftware.com/advisories/19493/)\n[Related OSVDB ID: 24363](https://vulners.com/osvdb/OSVDB:24363)\n[Related OSVDB ID: 24364](https://vulners.com/osvdb/OSVDB:24364)\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html\n[CVE-2006-1548](https://vulners.com/cve/CVE-2006-1548)\nBugtraq ID: 17342\n", "modified": "2006-02-22T10:17:36", "published": "2006-02-22T10:17:36", "href": "https://vulners.com/osvdb/OSVDB:24365", "id": "OSVDB:24365", "type": "osvdb", "title": "Apache Struts Multiple Function Error Message XSS", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "redhat": [{"lastseen": "2019-08-13T18:44:52", "bulletinFamily": "unix", "description": "Struts is a framework for building web applications with Java.\r\n\r\nA validation bug was found in the way Struts handles\r\norg.apache.struts.taglib.html.Constants.CANCEL requests. If it is possible\r\nfor a remote attacker to inject a CANCEL request during a validation\r\noperation, it may be possible for the attacker to acquire credentials\r\nwithout the proper authentication information. (CVE-2006-1546)\r\n\r\nA denial of service bug was found in the way Struts handles\r\nmultipart/form-data encoded form data. If it is possible for a remote\r\nattacker to reference the public getMultipartRequestHandler method, the\r\nattacker can prevent the Struts application from functioning properly.\r\n(CVE-2006-1547)\r\n\r\nA cross site scripting bug was found in the way Struts displays certain\r\nerror messages via its LookupDispatchAction, DispatchAction, and\r\nActionDispatcher handler. It may be possible for an attacker to construct a\r\nspecially crafted URL that could fool a victim into believing they are\r\nviewing a trusted site. (CVE-2006-1548)\r\n\r\nAll users of Struts should upgrade to this updated package containing \r\nStruts version 1.2.9, which is not vulnerable to these issues.", "modified": "2019-03-22T23:44:13", "published": "2006-05-03T04:00:00", "id": "RHSA-2006:0281", "href": "https://access.redhat.com/errata/RHSA-2006:0281", "type": "redhat", "title": "(RHSA-2006:0281) struts security update for Red Hat Application Server", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}
