CVE-2012-1007

Multiple cross-site scripting XSS vulnerabilities in Apache Struts 1.3.10 allow remote attackers to inject arbitrary web script or HTML via 1 the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to 2 struts-cookbook/processSimple.do or 3...