Struts Security Vulnerabilities and Issues — Struts CVE List

Lucene search

ApacheStruts

3 matches found

CVE•added 2009/04/09 3:8 p.m.•64 views

CVE-2008-2025

Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web scr...

4.3CVSS6.6AI score0.02467EPSS

CVE•added 2009/04/09 3:8 p.m.•63 views

CVE-2007-6726

Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) xip_client.html and (2) xip_server.html in src/io/.

4.3CVSS5.8AI score0.01495EPSS

CVE•added 2009/04/09 3:8 p.m.•50 views

CVE-2008-6682

Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) " (double quote) characters in the href attribute of an s:a tag and (2...

4.3CVSS5.7AI score0.01223EPSS