Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.3.15.3 allow remote attackers to inject arbitrary web script or HTML via the namespace parameter to (1) actionNames.action and (2) showConfig.action in config-browser/.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2013-11-02T21:00:00

Updated: 2024-08-06T17:39:00.896Z

Reserved: 2013-11-02T00:00:00

Link: CVE-2013-6348

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-11-02T21:55:04.630

Modified: 2024-11-21T01:59:03.527

Link: CVE-2013-6348

cve-icon Redhat

Severity : Moderate

Publid Date: 2013-10-28T00:00:00Z

Links: CVE-2013-6348 - Bugzilla