Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-skbn-jggt-uffg
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) " (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag.
Aliases
0
alias CVE-2008-6682
1
alias GHSA-jgcr-9c2q-rvp8
Fixed_packages
0
url pkg:maven/org.apache.struts/struts2-core@2.0.11.1
purl pkg:maven/org.apache.struts/struts2-core@2.0.11.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2chz-36wn-9fcv
1
vulnerability VCID-2rjv-1thm-dugt
2
vulnerability VCID-2v7h-fght-cugn
3
vulnerability VCID-3yq7-n972-j7dh
4
vulnerability VCID-4agy-6nsx-7ufh
5
vulnerability VCID-579w-2k2v-efa2
6
vulnerability VCID-6241-shkt-s7ew
7
vulnerability VCID-6hrc-fm64-ckhf
8
vulnerability VCID-6t1x-s2k2-b7bq
9
vulnerability VCID-759g-hsfg-97f8
10
vulnerability VCID-79j9-v8gz-rfax
11
vulnerability VCID-87fh-rvvb-6ubq
12
vulnerability VCID-8bsh-bshc-vkgq
13
vulnerability VCID-8mws-fbmg-cqa9
14
vulnerability VCID-95ts-vpk6-uubg
15
vulnerability VCID-at5c-f8p8-67fh
16
vulnerability VCID-b59n-uxft-4qgz
17
vulnerability VCID-b7zy-qhz9-tuar
18
vulnerability VCID-cm62-bsdz-yye2
19
vulnerability VCID-d8as-n8hc-j3fj
20
vulnerability VCID-dk2f-14xj-9bf8
21
vulnerability VCID-evh9-mua1-2bem
22
vulnerability VCID-fv6w-cdtc-kkhx
23
vulnerability VCID-gfxq-vtry-bqgg
24
vulnerability VCID-gv5f-auvz-5fda
25
vulnerability VCID-h4yg-zrv6-aqa1
26
vulnerability VCID-hgj2-vqzn-gyeb
27
vulnerability VCID-hkjh-35ye-1ugj
28
vulnerability VCID-j5su-cnqd-6yad
29
vulnerability VCID-k6mz-k1yb-4uej
30
vulnerability VCID-kdsa-599r-eud7
31
vulnerability VCID-me84-wy85-hkf5
32
vulnerability VCID-n2dn-bnjc-13gp
33
vulnerability VCID-n4fb-crnk-eugz
34
vulnerability VCID-nmgp-r7hb-5ke1
35
vulnerability VCID-q96z-v3bs-k3dg
36
vulnerability VCID-qqm4-frqy-bua5
37
vulnerability VCID-r28t-sdc5-kbga
38
vulnerability VCID-tcaj-6bcg-k7g2
39
vulnerability VCID-tgd1-s1yg-9fdt
40
vulnerability VCID-vgp6-jxqt-pbf4
41
vulnerability VCID-vkb9-11h4-dugp
42
vulnerability VCID-vnkw-9fa2-zqcm
43
vulnerability VCID-x65e-31g3-77bp
44
vulnerability VCID-xz41-1z86-37ew
45
vulnerability VCID-y5uq-a6dx-3yd4
46
vulnerability VCID-ygbu-vb2t-jqhx
47
vulnerability VCID-z1gf-169n-m3af
48
vulnerability VCID-zb3c-gnyc-yug8
49
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.11.1
Affected_packages
0
url pkg:maven/org.apache.struts/struts2-core@2.0.0
purl pkg:maven/org.apache.struts/struts2-core@2.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rjv-1thm-dugt
1
vulnerability VCID-3yq7-n972-j7dh
2
vulnerability VCID-4agy-6nsx-7ufh
3
vulnerability VCID-6241-shkt-s7ew
4
vulnerability VCID-6hrc-fm64-ckhf
5
vulnerability VCID-79j9-v8gz-rfax
6
vulnerability VCID-8bsh-bshc-vkgq
7
vulnerability VCID-95ts-vpk6-uubg
8
vulnerability VCID-at5c-f8p8-67fh
9
vulnerability VCID-b59n-uxft-4qgz
10
vulnerability VCID-d8as-n8hc-j3fj
11
vulnerability VCID-fv6w-cdtc-kkhx
12
vulnerability VCID-gfxq-vtry-bqgg
13
vulnerability VCID-hgj2-vqzn-gyeb
14
vulnerability VCID-hkjh-35ye-1ugj
15
vulnerability VCID-j5su-cnqd-6yad
16
vulnerability VCID-j8jv-hzsy-nyec
17
vulnerability VCID-k6mz-k1yb-4uej
18
vulnerability VCID-kdsa-599r-eud7
19
vulnerability VCID-p9xh-frm5-8ucp
20
vulnerability VCID-skbn-jggt-uffg
21
vulnerability VCID-tgd1-s1yg-9fdt
22
vulnerability VCID-vkb9-11h4-dugp
23
vulnerability VCID-vnkw-9fa2-zqcm
24
vulnerability VCID-ygbu-vb2t-jqhx
25
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.0
1
url pkg:maven/org.apache.struts/struts2-core@2.0.5
purl pkg:maven/org.apache.struts/struts2-core@2.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2chz-36wn-9fcv
1
vulnerability VCID-2rjv-1thm-dugt
2
vulnerability VCID-2v7h-fght-cugn
3
vulnerability VCID-3yq7-n972-j7dh
4
vulnerability VCID-4agy-6nsx-7ufh
5
vulnerability VCID-579w-2k2v-efa2
6
vulnerability VCID-6241-shkt-s7ew
7
vulnerability VCID-6hrc-fm64-ckhf
8
vulnerability VCID-6t1x-s2k2-b7bq
9
vulnerability VCID-759g-hsfg-97f8
10
vulnerability VCID-79j9-v8gz-rfax
11
vulnerability VCID-87fh-rvvb-6ubq
12
vulnerability VCID-8bsh-bshc-vkgq
13
vulnerability VCID-8mws-fbmg-cqa9
14
vulnerability VCID-95ts-vpk6-uubg
15
vulnerability VCID-at5c-f8p8-67fh
16
vulnerability VCID-b59n-uxft-4qgz
17
vulnerability VCID-b7zy-qhz9-tuar
18
vulnerability VCID-cm62-bsdz-yye2
19
vulnerability VCID-d8as-n8hc-j3fj
20
vulnerability VCID-dk2f-14xj-9bf8
21
vulnerability VCID-evh9-mua1-2bem
22
vulnerability VCID-fv6w-cdtc-kkhx
23
vulnerability VCID-gfxq-vtry-bqgg
24
vulnerability VCID-gv5f-auvz-5fda
25
vulnerability VCID-h4yg-zrv6-aqa1
26
vulnerability VCID-hgj2-vqzn-gyeb
27
vulnerability VCID-hkjh-35ye-1ugj
28
vulnerability VCID-j5su-cnqd-6yad
29
vulnerability VCID-k6mz-k1yb-4uej
30
vulnerability VCID-kdsa-599r-eud7
31
vulnerability VCID-me84-wy85-hkf5
32
vulnerability VCID-n2dn-bnjc-13gp
33
vulnerability VCID-n4fb-crnk-eugz
34
vulnerability VCID-nmgp-r7hb-5ke1
35
vulnerability VCID-q96z-v3bs-k3dg
36
vulnerability VCID-qqm4-frqy-bua5
37
vulnerability VCID-r28t-sdc5-kbga
38
vulnerability VCID-skbn-jggt-uffg
39
vulnerability VCID-tcaj-6bcg-k7g2
40
vulnerability VCID-tgd1-s1yg-9fdt
41
vulnerability VCID-vgp6-jxqt-pbf4
42
vulnerability VCID-vkb9-11h4-dugp
43
vulnerability VCID-vnkw-9fa2-zqcm
44
vulnerability VCID-x65e-31g3-77bp
45
vulnerability VCID-xz41-1z86-37ew
46
vulnerability VCID-y5uq-a6dx-3yd4
47
vulnerability VCID-ygbu-vb2t-jqhx
48
vulnerability VCID-z1gf-169n-m3af
49
vulnerability VCID-zb3c-gnyc-yug8
50
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.5
2
url pkg:maven/org.apache.struts/struts2-core@2.0.6
purl pkg:maven/org.apache.struts/struts2-core@2.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2chz-36wn-9fcv
1
vulnerability VCID-2rjv-1thm-dugt
2
vulnerability VCID-2v7h-fght-cugn
3
vulnerability VCID-3yq7-n972-j7dh
4
vulnerability VCID-4agy-6nsx-7ufh
5
vulnerability VCID-579w-2k2v-efa2
6
vulnerability VCID-6241-shkt-s7ew
7
vulnerability VCID-6hrc-fm64-ckhf
8
vulnerability VCID-6t1x-s2k2-b7bq
9
vulnerability VCID-759g-hsfg-97f8
10
vulnerability VCID-79j9-v8gz-rfax
11
vulnerability VCID-87fh-rvvb-6ubq
12
vulnerability VCID-8bsh-bshc-vkgq
13
vulnerability VCID-8mws-fbmg-cqa9
14
vulnerability VCID-95ts-vpk6-uubg
15
vulnerability VCID-at5c-f8p8-67fh
16
vulnerability VCID-b59n-uxft-4qgz
17
vulnerability VCID-b7zy-qhz9-tuar
18
vulnerability VCID-cm62-bsdz-yye2
19
vulnerability VCID-d8as-n8hc-j3fj
20
vulnerability VCID-dk2f-14xj-9bf8
21
vulnerability VCID-evh9-mua1-2bem
22
vulnerability VCID-fv6w-cdtc-kkhx
23
vulnerability VCID-gfxq-vtry-bqgg
24
vulnerability VCID-gv5f-auvz-5fda
25
vulnerability VCID-h4yg-zrv6-aqa1
26
vulnerability VCID-hgj2-vqzn-gyeb
27
vulnerability VCID-hkjh-35ye-1ugj
28
vulnerability VCID-j5su-cnqd-6yad
29
vulnerability VCID-k6mz-k1yb-4uej
30
vulnerability VCID-kdsa-599r-eud7
31
vulnerability VCID-me84-wy85-hkf5
32
vulnerability VCID-n2dn-bnjc-13gp
33
vulnerability VCID-n4fb-crnk-eugz
34
vulnerability VCID-nmgp-r7hb-5ke1
35
vulnerability VCID-q96z-v3bs-k3dg
36
vulnerability VCID-qqm4-frqy-bua5
37
vulnerability VCID-r28t-sdc5-kbga
38
vulnerability VCID-skbn-jggt-uffg
39
vulnerability VCID-tcaj-6bcg-k7g2
40
vulnerability VCID-tgd1-s1yg-9fdt
41
vulnerability VCID-vgp6-jxqt-pbf4
42
vulnerability VCID-vkb9-11h4-dugp
43
vulnerability VCID-vnkw-9fa2-zqcm
44
vulnerability VCID-x65e-31g3-77bp
45
vulnerability VCID-xz41-1z86-37ew
46
vulnerability VCID-y5uq-a6dx-3yd4
47
vulnerability VCID-ygbu-vb2t-jqhx
48
vulnerability VCID-z1gf-169n-m3af
49
vulnerability VCID-zb3c-gnyc-yug8
50
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.6
3
url pkg:maven/org.apache.struts/struts2-core@2.0.8
purl pkg:maven/org.apache.struts/struts2-core@2.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2chz-36wn-9fcv
1
vulnerability VCID-2rjv-1thm-dugt
2
vulnerability VCID-2v7h-fght-cugn
3
vulnerability VCID-3yq7-n972-j7dh
4
vulnerability VCID-4agy-6nsx-7ufh
5
vulnerability VCID-579w-2k2v-efa2
6
vulnerability VCID-6241-shkt-s7ew
7
vulnerability VCID-6hrc-fm64-ckhf
8
vulnerability VCID-6t1x-s2k2-b7bq
9
vulnerability VCID-759g-hsfg-97f8
10
vulnerability VCID-79j9-v8gz-rfax
11
vulnerability VCID-87fh-rvvb-6ubq
12
vulnerability VCID-8bsh-bshc-vkgq
13
vulnerability VCID-8mws-fbmg-cqa9
14
vulnerability VCID-95ts-vpk6-uubg
15
vulnerability VCID-at5c-f8p8-67fh
16
vulnerability VCID-b59n-uxft-4qgz
17
vulnerability VCID-b7zy-qhz9-tuar
18
vulnerability VCID-cm62-bsdz-yye2
19
vulnerability VCID-d8as-n8hc-j3fj
20
vulnerability VCID-dk2f-14xj-9bf8
21
vulnerability VCID-evh9-mua1-2bem
22
vulnerability VCID-fv6w-cdtc-kkhx
23
vulnerability VCID-gfxq-vtry-bqgg
24
vulnerability VCID-gv5f-auvz-5fda
25
vulnerability VCID-h4yg-zrv6-aqa1
26
vulnerability VCID-hgj2-vqzn-gyeb
27
vulnerability VCID-hkjh-35ye-1ugj
28
vulnerability VCID-j5su-cnqd-6yad
29
vulnerability VCID-k6mz-k1yb-4uej
30
vulnerability VCID-kdsa-599r-eud7
31
vulnerability VCID-me84-wy85-hkf5
32
vulnerability VCID-n2dn-bnjc-13gp
33
vulnerability VCID-n4fb-crnk-eugz
34
vulnerability VCID-nmgp-r7hb-5ke1
35
vulnerability VCID-q96z-v3bs-k3dg
36
vulnerability VCID-qqm4-frqy-bua5
37
vulnerability VCID-r28t-sdc5-kbga
38
vulnerability VCID-skbn-jggt-uffg
39
vulnerability VCID-tcaj-6bcg-k7g2
40
vulnerability VCID-tgd1-s1yg-9fdt
41
vulnerability VCID-vgp6-jxqt-pbf4
42
vulnerability VCID-vkb9-11h4-dugp
43
vulnerability VCID-vnkw-9fa2-zqcm
44
vulnerability VCID-x65e-31g3-77bp
45
vulnerability VCID-xz41-1z86-37ew
46
vulnerability VCID-y5uq-a6dx-3yd4
47
vulnerability VCID-ygbu-vb2t-jqhx
48
vulnerability VCID-z1gf-169n-m3af
49
vulnerability VCID-zb3c-gnyc-yug8
50
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.8
4
url pkg:maven/org.apache.struts/struts2-core@2.0.9
purl pkg:maven/org.apache.struts/struts2-core@2.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2chz-36wn-9fcv
1
vulnerability VCID-2rjv-1thm-dugt
2
vulnerability VCID-2v7h-fght-cugn
3
vulnerability VCID-3yq7-n972-j7dh
4
vulnerability VCID-4agy-6nsx-7ufh
5
vulnerability VCID-579w-2k2v-efa2
6
vulnerability VCID-6241-shkt-s7ew
7
vulnerability VCID-6hrc-fm64-ckhf
8
vulnerability VCID-6t1x-s2k2-b7bq
9
vulnerability VCID-759g-hsfg-97f8
10
vulnerability VCID-79j9-v8gz-rfax
11
vulnerability VCID-87fh-rvvb-6ubq
12
vulnerability VCID-8bsh-bshc-vkgq
13
vulnerability VCID-8mws-fbmg-cqa9
14
vulnerability VCID-95ts-vpk6-uubg
15
vulnerability VCID-at5c-f8p8-67fh
16
vulnerability VCID-b59n-uxft-4qgz
17
vulnerability VCID-b7zy-qhz9-tuar
18
vulnerability VCID-cm62-bsdz-yye2
19
vulnerability VCID-d8as-n8hc-j3fj
20
vulnerability VCID-dk2f-14xj-9bf8
21
vulnerability VCID-evh9-mua1-2bem
22
vulnerability VCID-fv6w-cdtc-kkhx
23
vulnerability VCID-gfxq-vtry-bqgg
24
vulnerability VCID-gv5f-auvz-5fda
25
vulnerability VCID-h4yg-zrv6-aqa1
26
vulnerability VCID-hgj2-vqzn-gyeb
27
vulnerability VCID-hkjh-35ye-1ugj
28
vulnerability VCID-j5su-cnqd-6yad
29
vulnerability VCID-k6mz-k1yb-4uej
30
vulnerability VCID-kdsa-599r-eud7
31
vulnerability VCID-me84-wy85-hkf5
32
vulnerability VCID-n2dn-bnjc-13gp
33
vulnerability VCID-n4fb-crnk-eugz
34
vulnerability VCID-nmgp-r7hb-5ke1
35
vulnerability VCID-q96z-v3bs-k3dg
36
vulnerability VCID-qqm4-frqy-bua5
37
vulnerability VCID-r28t-sdc5-kbga
38
vulnerability VCID-skbn-jggt-uffg
39
vulnerability VCID-tcaj-6bcg-k7g2
40
vulnerability VCID-tgd1-s1yg-9fdt
41
vulnerability VCID-vgp6-jxqt-pbf4
42
vulnerability VCID-vkb9-11h4-dugp
43
vulnerability VCID-vnkw-9fa2-zqcm
44
vulnerability VCID-x65e-31g3-77bp
45
vulnerability VCID-xz41-1z86-37ew
46
vulnerability VCID-y5uq-a6dx-3yd4
47
vulnerability VCID-ygbu-vb2t-jqhx
48
vulnerability VCID-z1gf-169n-m3af
49
vulnerability VCID-zb3c-gnyc-yug8
50
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.9
5
url pkg:maven/org.apache.struts/struts2-core@2.0.11
purl pkg:maven/org.apache.struts/struts2-core@2.0.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2chz-36wn-9fcv
1
vulnerability VCID-2rjv-1thm-dugt
2
vulnerability VCID-2v7h-fght-cugn
3
vulnerability VCID-3yq7-n972-j7dh
4
vulnerability VCID-4agy-6nsx-7ufh
5
vulnerability VCID-579w-2k2v-efa2
6
vulnerability VCID-6241-shkt-s7ew
7
vulnerability VCID-6hrc-fm64-ckhf
8
vulnerability VCID-6t1x-s2k2-b7bq
9
vulnerability VCID-759g-hsfg-97f8
10
vulnerability VCID-79j9-v8gz-rfax
11
vulnerability VCID-87fh-rvvb-6ubq
12
vulnerability VCID-8bsh-bshc-vkgq
13
vulnerability VCID-8mws-fbmg-cqa9
14
vulnerability VCID-95ts-vpk6-uubg
15
vulnerability VCID-at5c-f8p8-67fh
16
vulnerability VCID-b59n-uxft-4qgz
17
vulnerability VCID-b7zy-qhz9-tuar
18
vulnerability VCID-cm62-bsdz-yye2
19
vulnerability VCID-d8as-n8hc-j3fj
20
vulnerability VCID-dk2f-14xj-9bf8
21
vulnerability VCID-evh9-mua1-2bem
22
vulnerability VCID-fv6w-cdtc-kkhx
23
vulnerability VCID-gfxq-vtry-bqgg
24
vulnerability VCID-gv5f-auvz-5fda
25
vulnerability VCID-h4yg-zrv6-aqa1
26
vulnerability VCID-hgj2-vqzn-gyeb
27
vulnerability VCID-hkjh-35ye-1ugj
28
vulnerability VCID-j5su-cnqd-6yad
29
vulnerability VCID-k6mz-k1yb-4uej
30
vulnerability VCID-kdsa-599r-eud7
31
vulnerability VCID-me84-wy85-hkf5
32
vulnerability VCID-n2dn-bnjc-13gp
33
vulnerability VCID-n4fb-crnk-eugz
34
vulnerability VCID-nmgp-r7hb-5ke1
35
vulnerability VCID-q96z-v3bs-k3dg
36
vulnerability VCID-qqm4-frqy-bua5
37
vulnerability VCID-r28t-sdc5-kbga
38
vulnerability VCID-skbn-jggt-uffg
39
vulnerability VCID-tcaj-6bcg-k7g2
40
vulnerability VCID-tgd1-s1yg-9fdt
41
vulnerability VCID-vgp6-jxqt-pbf4
42
vulnerability VCID-vkb9-11h4-dugp
43
vulnerability VCID-vnkw-9fa2-zqcm
44
vulnerability VCID-x65e-31g3-77bp
45
vulnerability VCID-xz41-1z86-37ew
46
vulnerability VCID-y5uq-a6dx-3yd4
47
vulnerability VCID-ygbu-vb2t-jqhx
48
vulnerability VCID-z1gf-169n-m3af
49
vulnerability VCID-zb3c-gnyc-yug8
50
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.11
6
url pkg:maven/org.apache.struts/struts2-core@2.1.0
purl pkg:maven/org.apache.struts/struts2-core@2.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rjv-1thm-dugt
1
vulnerability VCID-579w-2k2v-efa2
2
vulnerability VCID-d8as-n8hc-j3fj
3
vulnerability VCID-skbn-jggt-uffg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.1.0
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-6682
reference_id
reference_type
scores
0
value 0.0143
scoring_system epss
scoring_elements 0.80685
published_at 2026-04-21T12:55:00Z
1
value 0.0143
scoring_system epss
scoring_elements 0.80595
published_at 2026-04-01T12:55:00Z
2
value 0.0143
scoring_system epss
scoring_elements 0.80603
published_at 2026-04-02T12:55:00Z
3
value 0.0143
scoring_system epss
scoring_elements 0.80625
published_at 2026-04-04T12:55:00Z
4
value 0.0143
scoring_system epss
scoring_elements 0.80619
published_at 2026-04-07T12:55:00Z
5
value 0.0143
scoring_system epss
scoring_elements 0.80646
published_at 2026-04-08T12:55:00Z
6
value 0.0143
scoring_system epss
scoring_elements 0.80656
published_at 2026-04-09T12:55:00Z
7
value 0.0143
scoring_system epss
scoring_elements 0.80672
published_at 2026-04-11T12:55:00Z
8
value 0.0143
scoring_system epss
scoring_elements 0.80659
published_at 2026-04-12T12:55:00Z
9
value 0.0143
scoring_system epss
scoring_elements 0.80651
published_at 2026-04-13T12:55:00Z
10
value 0.0143
scoring_system epss
scoring_elements 0.8068
published_at 2026-04-16T12:55:00Z
11
value 0.0143
scoring_system epss
scoring_elements 0.80682
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-6682
1
reference_url https://github.com/apache/struts
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts
2
reference_url https://github.com/apache/struts/commit/09147ffad2b3046ed21af0f524c5088e2ac551e6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts/commit/09147ffad2b3046ed21af0f524c5088e2ac551e6
3
reference_url https://github.com/apache/struts/commit/bd3f2f59c9b09f70aed3ebab6bb69b464ee2d6cb
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts/commit/bd3f2f59c9b09f70aed3ebab6bb69b464ee2d6cb
4
reference_url https://github.com/apache/struts/commit/dae026a0f0511f83852053bae9d5a622e7f80486
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts/commit/dae026a0f0511f83852053bae9d5a622e7f80486
5
reference_url https://issues.apache.org/struts/browse/WW-2414
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/struts/browse/WW-2414
6
reference_url https://issues.apache.org/struts/browse/WW-2427
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/struts/browse/WW-2427
7
reference_url https://web.archive.org/web/20080610075918/http://www.nabble.com/Feedback%3A-WW-2414%2C-XSS-attack-is-possible-if-using-%3Cs%3Aurl-...%3E-and-%3Cs%3Aa-...%3E-td14771449i20.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20080610075918/http://www.nabble.com/Feedback%3A-WW-2414%2C-XSS-attack-is-possible-if-using-%3Cs%3Aurl-...%3E-and-%3Cs%3Aa-...%3E-td14771449i20.html
8
reference_url https://web.archive.org/web/20080611112834/http://www.nabble.com/Feedback%3A-WW-2414%2C-XSS-attack-is-possible-if-using-%3Cs%3Aurl-...%3E-and-%3Cs%3Aa-...%3E-td14771449.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20080611112834/http://www.nabble.com/Feedback%3A-WW-2414%2C-XSS-attack-is-possible-if-using-%3Cs%3Aurl-...%3E-and-%3Cs%3Aa-...%3E-td14771449.html
9
reference_url https://web.archive.org/web/20200229155553/http://www.securityfocus.com/bid/34686
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200229155553/http://www.securityfocus.com/bid/34686
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-6682
reference_id CVE-2008-6682
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-6682
11
reference_url https://github.com/advisories/GHSA-jgcr-9c2q-rvp8
reference_id GHSA-jgcr-9c2q-rvp8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jgcr-9c2q-rvp8
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-skbn-jggt-uffg