GHSA-9cjh-qmvx-436c
Suggest an improvement- Source
- https://github.com/advisories/GHSA-9cjh-qmvx-436c
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-9cjh-qmvx-436c/GHSA-9cjh-qmvx-436c.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-9cjh-qmvx-436c
- Aliases
-
- CVE-2005-3745
- Published
- 2022-05-01T02:20:38Z
- Modified
- 2023-11-08T03:56:46.055411Z
- Summary
- Apache Struts Cross-site scripting Vulnerability
- Details
-
Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message.
- Database specific
{ "nvd_published_at": "2005-11-22T11:03:00Z", "cwe_ids": [ "CWE-80" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-09-18T23:52:44Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2005-3745
- https://lists.apache.org/thread.html/r02c2d634fa74209d941c90f9a4cd36a6f12366ca65f9b90446ff2de3@%3Cissues.struts.apache.org%3E
- https://lists.apache.org/thread.html/rf482c101a88445d73cc2e89dbf7f16ae00a4aa79a544a1e72b2326db@%3Cissues.struts.apache.org%3E
- https://web.archive.org/web/20051230061138/http://www.hacktics.com/AdvStrutsNov05.html
- https://web.archive.org/web/20060315133810/http://securitytracker.com/alerts/2005/Nov/1015257.html
- https://web.archive.org/web/20060408105414/http://www.securityfocus.com/bid/15512
- https://web.archive.org/web/20201125023452/http://www.securityfocus.com/archive/1/417296/30/0/threaded
- https://web.archive.org/web/20201207010315/https://cxsecurity.com/issue/WLB-2005110055
- http://www.redhat.com/support/errata/RHSA-2006-0157.html
- http://www.redhat.com/support/errata/RHSA-2006-0161.html
Affected packages
Maven / org.apache.struts:struts-core
Package
- Name
- org.apache.struts:struts-core
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.struts/struts-core