CVE-2009-1275
CVSS v2.0
6.8 (Medium)
EPSS
0.51 % (77th)
Affected Products
2
Advisories
1
Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via unspecified vectors, related to the (1) tiles:putAttribute and (2) tiles:insertTemplate JSP tags.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2009-04-09 15:08:35
(15 years ago) - Updated Date
-
2009-04-29 05:29:29
(15 years ago)
Affected Products
Loading...
Loading...
Configuration #1
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...