Apache Struts Error Response Cross-Site Scripting Vulnerability

Bugtraq ID: 15512
Class: Input Validation Error
CVE: CVE-2005-3745
Remote: Yes
Local: No
Published: Nov 21 2005 12:00AM
Updated: Jan 02 2007 07:26PM
Credit: Irene Abezgauz is credited with the discovery of this vulnerability.
Vulnerable: Apache Struts 1.2.7
+ Redhat Application Server AS 3
+ Redhat Application Server ES 3
+ Redhat Application Server WS 3
Not Vulnerable: ScriptSolutions PerlDiver 2.32
Apache Struts 1.2.8


Privacy Statement
Copyright 2010, SecurityFocus