org.apache.struts:struts2-assembly (>=2.2.1 <=2.3.15), org.apache.struts:struts2-rest-showcase (>=2.1.2 <=2.3.15.1) +3 more potentially affected by CVE-2013-4316 via org.apache.struts:struts2-rest-plugin (>=2.1.2 <=2.3.15.1)

org.apache.struts:struts2-rest-plugin MAVEN version =2.1.2, =2.2.1, =2.1.2, =2.0-RC2.3, =2.0-RC3 Source cves: CVE-2013-4316 Source advisory: OSV:GHSA-J7H6-XR7G-M2C5...

org.apache.struts:struts2-assembly (>=2.3.1.1 <=2.3.28.1), org.apache.struts:struts2-rest-showcase (>=2.3.1.1 <=2.3.28.1) +2 more potentially affected by CVE-2016-4438 via org.apache.struts:struts2-rest-plugin (>=2.3.1.1 <=2.3.28.1)

org.apache.struts:struts2-rest-plugin MAVEN version =2.3.1.1, =2.3.1.1, =2.3.1.1, =1.0, =1.0.1 - org.meruvian.yama:yama-struts-core =1.0.1 Source cves: CVE-2016-4438 Source advisory: OSV:GHSA-4PRJ-VW9J-V6PR...

org.apache.struts:struts2-assembly (>=2.2.1 <=2.3.33), org.apache.struts:struts2-rest-showcase (>=2.1.2 <=2.3.33) +5 more potentially affected by CVE-2017-9805 via org.apache.struts:struts2-rest-plugin (>=2.1.2 <=2.3.33)

org.apache.struts:struts2-rest-plugin MAVEN version =2.1.2, =2.2.1, =2.1.2, =2.0-RC2.3, =1.0, =1.0.1 - org.meruvian.yama:yama-struts-core =1.0.1 Source cves: CVE-2017-9805 Source advisory: OSV:GHSA-GG9M-FJ3V-R58C...

org.apache.struts:struts2-assembly (>=2.5.1 <=2.5.12), org.apache.struts:struts2-rest-showcase (>=2.5.1 <=2.5.12) potentially affected by CVE-2017-9793 +1 more via org.apache.struts:struts2-rest-plugin (>=2.5.1 <=2.5.12)

org.apache.struts:struts2-rest-plugin MAVEN version =2.5.1, =2.5.1, =2.5.1, =2.5.12 Source cves: CVE-2017-9793, CVE-2017-9805 Source advisory: OSV:GHSA-VWXJ-6M5M-RRVH...

CVE-2012-1006

Multiple cross-site scripting XSS vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 lastName parameter to struts2-showcase/person/editPerson.action, or the 3 clientName parameter to struts2-rest-showcase/orders...