Test Kennung:	1.3.6.1.4.1.25623.1.0.812011
Kategorie:	Web application abuses
Titel:	Apache Struts 'Problem Report' XSS Vulnerability (S2-025)
Zusammenfassung:	Apache Struts is prone to a cross-site scripting (XSS); vulnerability.;; This VT has been merged into the VT 'Apache Struts Multiple Vulnerabilities (S2-021,; S2-022, S2-023, S2-025)' (OID: 1.3.6.1.4.1.25623.1.0.108629).
Beschreibung:	Summary: Apache Struts is prone to a cross-site scripting (XSS) vulnerability. This VT has been merged into the VT 'Apache Struts Multiple Vulnerabilities (S2-021, S2-022, S2-023, S2-025)' (OID: 1.3.6.1.4.1.25623.1.0.108629). Vulnerability Insight: The flaw exists due to an improper validation of input passed via the 'Problem Report' screen when using debug mode. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary script code in the browser of user in the context of the affected site. Affected Software/OS: Apache Struts 2.0.0 through 2.3.16.3. Solution: Update to version 2.3.20 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	BugTraq ID: 76625 Common Vulnerability Exposure (CVE) ID: CVE-2015-5169 http://www.securityfocus.com/bid/76625 http://jvn.jp/en/jp/JVN95989300/index.html http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000125.html
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.