2 matches found
CVE-2013-6348
CVE-2013-6348 refers to multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.x (specifically
Struts 2.3.15.3 Cross Site Scripting
Abstract£º The latest version of the current official struts-2.3.15.3£¬struts2-showcase.war demo XSS still exist! Details£º I found an update of the official demo of Strust2, so I did a test. It used to be able to filter, escape input and escape output, but why didn¡¯t it escape this time? Proofs...