CVE-2013-6348
CVSS v2.0
4.3 (Medium)
EPSS
0.38 % (73th)
Affected Products
1
Advisories
1
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.3.15.3 allow remote attackers to inject arbitrary web script or HTML via the namespace parameter to (1) actionNames.action and (2) showConfig.action in config-browser/.
Weaknesses
- CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2013-11-02 21:55:04
(11 years ago) - Updated Date
-
2013-11-25 04:36:25
(10 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...