EUVD-2022-5192

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Multiple cross-site scripting vulnerabilities in Dojo allow remote attackers to inject web scripts.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2007-6726	9 Apr 200915:08	–	attackerkb
CVE	CVE-2007-6726	9 Apr 200915:00	–	cve
Cvelist	CVE-2007-6726	9 Apr 200915:00	–	cvelist
Github Security Blog	Apache Struts Dojo Plugin XSS Vulnerability	1 May 202218:45	–	github
NVD	CVE-2007-6726	9 Apr 200915:08	–	nvd
OpenVAS	Apache Struts Security Update (CVE-2007-6726)	16 Sep 202100:00	–	openvas
OSV	GHSA-RM26-W253-9QV7 Apache Struts Dojo Plugin XSS Vulnerability	1 May 202218:45	–	osv
Prion	Cross site scripting	9 Apr 200915:08	–	prion
Veracode	Cross-Site Scripting (XSS)	25 Mar 201908:40	–	veracode

[
  {
    "enisaIdVendor": [
      {
        "id": "cc9abd0f-0308-390a-ba73-700da99fec53",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1db8e407-9865-3b32-bae1-3c1751caaad1",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2007-6726
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/49884
github	www.github.com/apache/struts-archive/blob/master/plugins/struts2-dojo-plugin
issues	www.issues.apache.org/struts/browse/WW-2134
dojotoolkit	www.dojotoolkit.org/0-4-3-and-updated-0-4-1-0-4-2-builds
dojotoolkit	www.dojotoolkit.org/2007/05/26/0-4-3-released-0-4-2-and-0-4-1-users-should-upgrade-immediately
dojotoolkit	www.dojotoolkit.org/releaseNotes/0.4.3
securityfocus	www.securityfocus.com/bid/34660

03 Oct 2025 20:07Current

6.5Medium risk

Vulners AI Score6.5

CVSS 24.3

EPSS0.01747