/
DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2012-1007

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2012-1007

CGA ID

CGA-j3p9-pmm7-8g26

Severity

Unknown

Summary

Apache Struts XSS

Description

Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do or (3) struts-cookbook/processDyna.do.

References

  • https://images.chainguard.dev/security/CGA-j3p9-pmm7-8g26

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs