Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/02/18 1:45 a.m.59 views

Security Bulletin: Vulnerabilities in Apache Struts affect the IBM FlashSystem models 840 and 900 (CVE-2016-0785 CVE-2016-2162)

Summary Open Source Apache Struts vulnerabilities were disclosed in March 2016. Struts is used by IBM® FlashSystem™ 840 and IBM FlashSystem 900 in its Service Assistant GUI. Vulnerability Details CVEID: CVE-2016-0785 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary co...

9CVSS8.1AI score0.08812EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:6 a.m.4 views

SUSE CVE-2016-2162

Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale object constructed by I18NInterceptor, which might allow remote attackers to conduct cross-site scripting XSS attacks via unspecified vectors involving language display...

6.1CVSS6.2AI score0.07987EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/05/17 3:42 a.m.3 views

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +216 more potentially affected by CVE-2016-2162 via org.apache.struts:struts2-core (>=2.0.11 <=2.3.24.3)

org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =0.5.9, =1.2.0, =1.0.0, =1.2.6 and more Source cves: CVE-2016-2162 Source advisory: OSV:GHSA-2J4Q-9FFF-236J...

6.1CVSS6.6AI score0.07987EPSS
Exploits0
F5 Networks
F5 Networks
added 2016/04/25 12:0 a.m.249 views

SOL17588029 - Apache Struts vulnerabilities CVE-2016-0785, CVE-2016-2162, CVE-2016-3081, CVE-2016-3082, and CVE-2016-4003

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

10CVSS2.9AI score0.9373EPSS
Exploits12References4
OSV
OSV
added 2016/04/12 4:59 p.m.7 views

CVE-2016-2162

Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale object constructed by I18NInterceptor, which might allow remote attackers to conduct cross-site scripting XSS attacks via unspecified vectors involving language display...

6.1CVSS5.9AI score
Exploits0References3
CVE
CVE
added 2016/04/12 4:0 p.m.77 views

CVE-2016-2162

CVE-2016-2162 affects Apache Struts 2.x where the Locale object created by I18NInterceptor is not sanitized, enabling remote XSS via crafted language-display inputs. The described impact is XSS in the victim’s browser within the web site's context. Affected versions are Struts 2.x prior to 2.3.25...

6.1CVSS5.8AI score0.07987EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder