Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

SUSE CVE
SUSE CVEadded 2025/07/30 11:21 p.m.1 views

SUSE CVE-2025-54656

UNSUPPORTED WHEN ASSIGNED Improper Output Neutralization for Logs vulnerability in Apache Struts. This issue affects Apache Struts Extras: before 2. When using LookupDispatchAction, in some cases, Struts may print untrusted input to the logs without any filtering. Specially-crafted input may lead...

6.5CVSS7.8AI score0.00524EPSS
Exploits0References3
Veracode
Veracodeadded 2018/11/14 2:37 a.m.29 views

Cross-Site Scripting (XSS)

Apache Struts is vulnerable to cross-site scripting. A lack of validation in the parameter name allows a remote attacker to inject arbitrary Javascript through an error message. The vulnerability affects LookupDispatchAction, DispatchAction and ActionDispatcher...

4.3CVSS8.7AI score0.05047EPSS
Exploits0References11Affected Software1
RedHat Linux
RedHat Linuxadded 2006/05/03 3:48 p.m.4 views

struts LookupDispatchAction XSS

Cross-site scripting XSS vulnerability in 1 LookupDispatchAction and possibly 2 DispatchAction and 3 ActionDispatcher in Apache Software Foundation ASF Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting...

4.3CVSS7.5AI score0.05047EPSS
Exploits0References4
Rows per page
Query Builder