Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters."
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 28 May 2025 14:45:00 +0000

Type Values Removed Values Added
References

Thu, 22 May 2025 00:45:00 +0000


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-07T08:41:00.257Z

Reserved: 2008-04-30T00:00:00

Link: CVE-2008-2025

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2009-04-09T15:08:35.483

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-2025

cve-icon Redhat

Severity : Moderate

Publid Date: 2009-04-06T00:00:00Z

Links: CVE-2008-2025 - Bugzilla

cve-icon OpenCVE Enrichment

No data.