Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting error message.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-07T17:19:48.799Z
Reserved: 2006-03-30T00:00:00
Link: CVE-2006-1548

No data.

Status : Deferred
Published: 2006-03-30T22:02:00.000
Modified: 2025-04-03T01:03:51.193
Link: CVE-2006-1548


No data.