Cross-site scripting (XSS) vulnerability in Apache Struts prior to 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, prior to 1.2.9-108.2 on SUSE openSUSE 10.3, prior to 1.2.9-198.2 on SUSE openSUSE 11.0, and prior to 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache struts 1.1 |
||
apache struts 1.2.7 |
||
apache struts 1.2.8 |
||
apache struts 1.2.4 |
||
apache struts 1.0.2 |