Struts@2.1.2 beta Security Vulnerabilities and Issues — Struts@2.1.2 beta CVE List

Lucene search

ApacheStruts2.1.2 beta

2 matches found

CVE•added 2009/03/23 2:19 p.m.•65 views

CVE-2008-6505

Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI with a /struts/ path, related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader in...

5CVSS6.8AI score0.5752EPSS

CVE•added 2016/04/12 4:59 p.m.•54 views

CVE-2016-2162

Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale object constructed by I18NInterceptor, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors involving language display.

6.1CVSS5.8AI score0.06525EPSS