Apache Struts Error Response Cross-Site Scripting Vulnerability
Red Hat has released advisory RHSA-2006:0157-01 along with fixes to address this issue for Red Hat Application Server 3. Please see the referenced advisory for more information.
The vendor has addressed this issue in version 1.2.8:
Apache Software Foundation Struts 1.2.7