Withdrawn Advisory: Apache Struts XSS

GHSA-9848-v244-962p · CVE-2012-1007

Published May 14, 2022 · Modified May 15, 2026

Description

Withdrawn Advisory

This advisory has been withdrawn because it was deemed invalid. This link is maintained to preserve external references.

Original Description

Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do or (3) struts-cookbook/processDyna.do.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2012-1007
WEB https://exchange.xforce.ibmcloud.com/vulnerabilities/73052

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes