Lucene search
Japan Vulnerability NotesJVN:25435092HistoryDec 22, 2011 - 12:00 a.m.
JVN#25435092: Apache Struts vulnerable to cross-site scripting
2011-12-2200:00:00
Japan Vulnerability Notes
jvn.jp
22
0.004 Low
EPSS
Percentile
74.4%
Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts may create web applications that contain a cross-site scripting vulnerability.
Impact
An arbitrary script may be executed on the userβs web browser.
Solution
Update the software
Update to the latest version according to the information provided by the developer.
Products Affected
- Apache Struts versions prior to 2.2.3.1
- Apache Struts versions 2.0.x
Web applications that use Apache Struts may be affected.
Related
osv
osv
Cross-site Scripting in Apache Struts
2022-05-17 05:35:28
XWork in Apache Struts Reveals Sensitive Information
2022-05-14 02:55:17
seebug
seebug
Apache Struts XWork 's:submit' HTMLζ ηΎθ·¨η«θζ¬ζΌζ΄
2011-05-12 00:00:00
prion
prion
Cross site scripting
2011-05-13 17:05:00
Security feature bypass
2011-05-13 17:05:00
cve
cve
CVE-2011-1772
2011-05-13 17:05:00
CVE-2011-2088
2011-05-13 17:05:00
nessus
nessus
Apache Struts 2.x < 2.2.3 Multiple XSS (S2-006)
2018-09-10 00:00:00
securityvulns
securityvulns
Apache Struts 2 Multiple Reflected XSS in XWork error pages
2011-05-11 00:00:00
openvas
openvas
Apache Struts Security Update (S2-006) - Version Check
2021-09-14 00:00:00
Apache Struts Security Update (S2-006) - Active Check
2011-05-23 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache Struts XWork Error Page Multiple Cross-Site Scripting (CVE-2011-1772)
2013-10-13 00:00:00
cvelist
cvelist
CVE-2011-1772
2011-05-13 17:00:00
CVE-2011-2088
2011-05-13 17:00:00
packetstorm
packetstorm
Apache Struts 2 Cross Site Scripting
2011-05-11 00:00:00
github
github
Cross-site Scripting in Apache Struts
2022-05-17 05:35:28
XWork in Apache Struts Reveals Sensitive Information
2022-05-14 02:55:17
