{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15909?format=json","vulnerability_id":"VCID-skbn-jggt-uffg","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) \" (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag.","aliases":[{"alias":"CVE-2008-6682"},{"alias":"GHSA-jgcr-9c2q-rvp8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/55198?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.0.11.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chz-36wn-9fcv"},{"vulnerability":"VCID-2rjv-1thm-dugt"},{"vulnerability":"VCID-2v7h-fght-cugn"},{"vulnerability":"VCID-3yq7-n972-j7dh"},{"vulnerability":"VCID-4agy-6nsx-7ufh"},{"vulnerability":"VCID-579w-2k2v-efa2"},{"vulnerability":"VCID-6241-shkt-s7ew"},{"vulnerability":"VCID-6hrc-fm64-ckhf"},{"vulnerability":"VCID-6t1x-s2k2-b7bq"},{"vulnerability":"VCID-759g-hsfg-97f8"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-87fh-rvvb-6ubq"},{"vulnerability":"VCID-8bsh-bshc-vkgq"},{"vulnerability":"VCID-8mws-fbmg-cqa9"},{"vulnerability":"VCID-95ts-vpk6-uubg"},{"vulnerability":"VCID-at5c-f8p8-67fh"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-b7zy-qhz9-tuar"},{"vulnerability":"VCID-cm62-bsdz-yye2"},{"vulnerability":"VCID-d8as-n8hc-j3fj"},{"vulnerability":"VCID-dk2f-14xj-9bf8"},{"vulnerability":"VCID-evh9-mua1-2bem"},{"vulnerability":"VCID-fv6w-cdtc-kkhx"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-gv5f-auvz-5fda"},{"vulnerability":"VCID-h4yg-zrv6-aqa1"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hkjh-35ye-1ugj"},{"vulnerability":"VCID-j5su-cnqd-6yad"},{"vulnerability":"VCID-k6mz-k1yb-4uej"},{"vulnerability":"VCID-kdsa-599r-eud7"},{"vulnerability":"VCID-me84-wy85-hkf5"},{"vulnerability":"VCID-n2dn-bnjc-13gp"},{"vulnerability":"VCID-n4fb-crnk-eugz"},{"vulnerability":"VCID-nmgp-r7hb-5ke1"},{"vulnerability":"VCID-q96z-v3bs-k3dg"},{"vulnerability":"VCID-qqm4-frqy-bua5"},{"vulnerability":"VCID-r28t-sdc5-kbga"},{"vulnerability":"VCID-tcaj-6bcg-k7g2"},{"vulnerability":"VCID-tgd1-s1yg-9fdt"},{"vulnerability":"VCID-vgp6-jxqt-pbf4"},{"vulnerability":"VCID-vkb9-11h4-dugp"},{"vulnerability":"VCID-vnkw-9fa2-zqcm"},{"vulnerability":"VCID-x65e-31g3-77bp"},{"vulnerability":"VCID-xz41-1z86-37ew"},{"vulnerability":"VCID-y5uq-a6dx-3yd4"},{"vulnerability":"VCID-ygbu-vb2t-jqhx"},{"vulnerability":"VCID-z1gf-169n-m3af"},{"vulnerability":"VCID-zb3c-gnyc-yug8"},{"vulnerability":"VCID-zxww-8kb3-tufv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.11.1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22081?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2rjv-1thm-dugt"},{"vulnerability":"VCID-3yq7-n972-j7dh"},{"vulnerability":"VCID-4agy-6nsx-7ufh"},{"vulnerability":"VCID-6241-shkt-s7ew"},{"vulnerability":"VCID-6hrc-fm64-ckhf"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-8bsh-bshc-vkgq"},{"vulnerability":"VCID-95ts-vpk6-uubg"},{"vulnerability":"VCID-at5c-f8p8-67fh"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-d8as-n8hc-j3fj"},{"vulnerability":"VCID-fv6w-cdtc-kkhx"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hkjh-35ye-1ugj"},{"vulnerability":"VCID-j5su-cnqd-6yad"},{"vulnerability":"VCID-j8jv-hzsy-nyec"},{"vulnerability":"VCID-k6mz-k1yb-4uej"},{"vulnerability":"VCID-kdsa-599r-eud7"},{"vulnerability":"VCID-p9xh-frm5-8ucp"},{"vulnerability":"VCID-skbn-jggt-uffg"},{"vulnerability":"VCID-tgd1-s1yg-9fdt"},{"vulnerability":"VCID-vkb9-11h4-dugp"},{"vulnerability":"VCID-vnkw-9fa2-zqcm"},{"vulnerability":"VCID-ygbu-vb2t-jqhx"},{"vulnerability":"VCID-zxww-8kb3-tufv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/147829?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chz-36wn-9fcv"},{"vulnerability":"VCID-2rjv-1thm-dugt"},{"vulnerability":"VCID-2v7h-fght-cugn"},{"vulnerability":"VCID-3yq7-n972-j7dh"},{"vulnerability":"VCID-4agy-6nsx-7ufh"},{"vulnerability":"VCID-579w-2k2v-efa2"},{"vulnerability":"VCID-6241-shkt-s7ew"},{"vulnerability":"VCID-6hrc-fm64-ckhf"},{"vulnerability":"VCID-6t1x-s2k2-b7bq"},{"vulnerability":"VCID-759g-hsfg-97f8"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-87fh-rvvb-6ubq"},{"vulnerability":"VCID-8bsh-bshc-vkgq"},{"vulnerability":"VCID-8mws-fbmg-cqa9"},{"vulnerability":"VCID-95ts-vpk6-uubg"},{"vulnerability":"VCID-at5c-f8p8-67fh"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-b7zy-qhz9-tuar"},{"vulnerability":"VCID-cm62-bsdz-yye2"},{"vulnerability":"VCID-d8as-n8hc-j3fj"},{"vulnerability":"VCID-dk2f-14xj-9bf8"},{"vulnerability":"VCID-evh9-mua1-2bem"},{"vulnerability":"VCID-fv6w-cdtc-kkhx"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-gv5f-auvz-5fda"},{"vulnerability":"VCID-h4yg-zrv6-aqa1"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hkjh-35ye-1ugj"},{"vulnerability":"VCID-j5su-cnqd-6yad"},{"vulnerability":"VCID-k6mz-k1yb-4uej"},{"vulnerability":"VCID-kdsa-599r-eud7"},{"vulnerability":"VCID-me84-wy85-hkf5"},{"vulnerability":"VCID-n2dn-bnjc-13gp"},{"vulnerability":"VCID-n4fb-crnk-eugz"},{"vulnerability":"VCID-nmgp-r7hb-5ke1"},{"vulnerability":"VCID-q96z-v3bs-k3dg"},{"vulnerability":"VCID-qqm4-frqy-bua5"},{"vulnerability":"VCID-r28t-sdc5-kbga"},{"vulnerability":"VCID-skbn-jggt-uffg"},{"vulnerability":"VCID-tcaj-6bcg-k7g2"},{"vulnerability":"VCID-tgd1-s1yg-9fdt"},{"vulnerability":"VCID-vgp6-jxqt-pbf4"},{"vulnerability":"VCID-vkb9-11h4-dugp"},{"vulnerability":"VCID-vnkw-9fa2-zqcm"},{"vulnerability":"VCID-x65e-31g3-77bp"},{"vulnerability":"VCID-xz41-1z86-37ew"},{"vulnerability":"VCID-y5uq-a6dx-3yd4"},{"vulnerability":"VCID-ygbu-vb2t-jqhx"},{"vulnerability":"VCID-z1gf-169n-m3af"},{"vulnerability":"VCID-zb3c-gnyc-yug8"},{"vulnerability":"VCID-zxww-8kb3-tufv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/147830?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chz-36wn-9fcv"},{"vulnerability":"VCID-2rjv-1thm-dugt"},{"vulnerability":"VCID-2v7h-fght-cugn"},{"vulnerability":"VCID-3yq7-n972-j7dh"},{"vulnerability":"VCID-4agy-6nsx-7ufh"},{"vulnerability":"VCID-579w-2k2v-efa2"},{"vulnerability":"VCID-6241-shkt-s7ew"},{"vulnerability":"VCID-6hrc-fm64-ckhf"},{"vulnerability":"VCID-6t1x-s2k2-b7bq"},{"vulnerability":"VCID-759g-hsfg-97f8"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-87fh-rvvb-6ubq"},{"vulnerability":"VCID-8bsh-bshc-vkgq"},{"vulnerability":"VCID-8mws-fbmg-cqa9"},{"vulnerability":"VCID-95ts-vpk6-uubg"},{"vulnerability":"VCID-at5c-f8p8-67fh"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-b7zy-qhz9-tuar"},{"vulnerability":"VCID-cm62-bsdz-yye2"},{"vulnerability":"VCID-d8as-n8hc-j3fj"},{"vulnerability":"VCID-dk2f-14xj-9bf8"},{"vulnerability":"VCID-evh9-mua1-2bem"},{"vulnerability":"VCID-fv6w-cdtc-kkhx"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-gv5f-auvz-5fda"},{"vulnerability":"VCID-h4yg-zrv6-aqa1"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hkjh-35ye-1ugj"},{"vulnerability":"VCID-j5su-cnqd-6yad"},{"vulnerability":"VCID-k6mz-k1yb-4uej"},{"vulnerability":"VCID-kdsa-599r-eud7"},{"vulnerability":"VCID-me84-wy85-hkf5"},{"vulnerability":"VCID-n2dn-bnjc-13gp"},{"vulnerability":"VCID-n4fb-crnk-eugz"},{"vulnerability":"VCID-nmgp-r7hb-5ke1"},{"vulnerability":"VCID-q96z-v3bs-k3dg"},{"vulnerability":"VCID-qqm4-frqy-bua5"},{"vulnerability":"VCID-r28t-sdc5-kbga"},{"vulnerability":"VCID-skbn-jggt-uffg"},{"vulnerability":"VCID-tcaj-6bcg-k7g2"},{"vulnerability":"VCID-tgd1-s1yg-9fdt"},{"vulnerability":"VCID-vgp6-jxqt-pbf4"},{"vulnerability":"VCID-vkb9-11h4-dugp"},{"vulnerability":"VCID-vnkw-9fa2-zqcm"},{"vulnerability":"VCID-x65e-31g3-77bp"},{"vulnerability":"VCID-xz41-1z86-37ew"},{"vulnerability":"VCID-y5uq-a6dx-3yd4"},{"vulnerability":"VCID-ygbu-vb2t-jqhx"},{"vulnerability":"VCID-z1gf-169n-m3af"},{"vulnerability":"VCID-zb3c-gnyc-yug8"},{"vulnerability":"VCID-zxww-8kb3-tufv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/147831?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chz-36wn-9fcv"},{"vulnerability":"VCID-2rjv-1thm-dugt"},{"vulnerability":"VCID-2v7h-fght-cugn"},{"vulnerability":"VCID-3yq7-n972-j7dh"},{"vulnerability":"VCID-4agy-6nsx-7ufh"},{"vulnerability":"VCID-579w-2k2v-efa2"},{"vulnerability":"VCID-6241-shkt-s7ew"},{"vulnerability":"VCID-6hrc-fm64-ckhf"},{"vulnerability":"VCID-6t1x-s2k2-b7bq"},{"vulnerability":"VCID-759g-hsfg-97f8"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-87fh-rvvb-6ubq"},{"vulnerability":"VCID-8bsh-bshc-vkgq"},{"vulnerability":"VCID-8mws-fbmg-cqa9"},{"vulnerability":"VCID-95ts-vpk6-uubg"},{"vulnerability":"VCID-at5c-f8p8-67fh"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-b7zy-qhz9-tuar"},{"vulnerability":"VCID-cm62-bsdz-yye2"},{"vulnerability":"VCID-d8as-n8hc-j3fj"},{"vulnerability":"VCID-dk2f-14xj-9bf8"},{"vulnerability":"VCID-evh9-mua1-2bem"},{"vulnerability":"VCID-fv6w-cdtc-kkhx"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-gv5f-auvz-5fda"},{"vulnerability":"VCID-h4yg-zrv6-aqa1"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hkjh-35ye-1ugj"},{"vulnerability":"VCID-j5su-cnqd-6yad"},{"vulnerability":"VCID-k6mz-k1yb-4uej"},{"vulnerability":"VCID-kdsa-599r-eud7"},{"vulnerability":"VCID-me84-wy85-hkf5"},{"vulnerability":"VCID-n2dn-bnjc-13gp"},{"vulnerability":"VCID-n4fb-crnk-eugz"},{"vulnerability":"VCID-nmgp-r7hb-5ke1"},{"vulnerability":"VCID-q96z-v3bs-k3dg"},{"vulnerability":"VCID-qqm4-frqy-bua5"},{"vulnerability":"VCID-r28t-sdc5-kbga"},{"vulnerability":"VCID-skbn-jggt-uffg"},{"vulnerability":"VCID-tcaj-6bcg-k7g2"},{"vulnerability":"VCID-tgd1-s1yg-9fdt"},{"vulnerability":"VCID-vgp6-jxqt-pbf4"},{"vulnerability":"VCID-vkb9-11h4-dugp"},{"vulnerability":"VCID-vnkw-9fa2-zqcm"},{"vulnerability":"VCID-x65e-31g3-77bp"},{"vulnerability":"VCID-xz41-1z86-37ew"},{"vulnerability":"VCID-y5uq-a6dx-3yd4"},{"vulnerability":"VCID-ygbu-vb2t-jqhx"},{"vulnerability":"VCID-z1gf-169n-m3af"},{"vulnerability":"VCID-zb3c-gnyc-yug8"},{"vulnerability":"VCID-zxww-8kb3-tufv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/147832?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chz-36wn-9fcv"},{"vulnerability":"VCID-2rjv-1thm-dugt"},{"vulnerability":"VCID-2v7h-fght-cugn"},{"vulnerability":"VCID-3yq7-n972-j7dh"},{"vulnerability":"VCID-4agy-6nsx-7ufh"},{"vulnerability":"VCID-579w-2k2v-efa2"},{"vulnerability":"VCID-6241-shkt-s7ew"},{"vulnerability":"VCID-6hrc-fm64-ckhf"},{"vulnerability":"VCID-6t1x-s2k2-b7bq"},{"vulnerability":"VCID-759g-hsfg-97f8"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-87fh-rvvb-6ubq"},{"vulnerability":"VCID-8bsh-bshc-vkgq"},{"vulnerability":"VCID-8mws-fbmg-cqa9"},{"vulnerability":"VCID-95ts-vpk6-uubg"},{"vulnerability":"VCID-at5c-f8p8-67fh"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-b7zy-qhz9-tuar"},{"vulnerability":"VCID-cm62-bsdz-yye2"},{"vulnerability":"VCID-d8as-n8hc-j3fj"},{"vulnerability":"VCID-dk2f-14xj-9bf8"},{"vulnerability":"VCID-evh9-mua1-2bem"},{"vulnerability":"VCID-fv6w-cdtc-kkhx"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-gv5f-auvz-5fda"},{"vulnerability":"VCID-h4yg-zrv6-aqa1"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hkjh-35ye-1ugj"},{"vulnerability":"VCID-j5su-cnqd-6yad"},{"vulnerability":"VCID-k6mz-k1yb-4uej"},{"vulnerability":"VCID-kdsa-599r-eud7"},{"vulnerability":"VCID-me84-wy85-hkf5"},{"vulnerability":"VCID-n2dn-bnjc-13gp"},{"vulnerability":"VCID-n4fb-crnk-eugz"},{"vulnerability":"VCID-nmgp-r7hb-5ke1"},{"vulnerability":"VCID-q96z-v3bs-k3dg"},{"vulnerability":"VCID-qqm4-frqy-bua5"},{"vulnerability":"VCID-r28t-sdc5-kbga"},{"vulnerability":"VCID-skbn-jggt-uffg"},{"vulnerability":"VCID-tcaj-6bcg-k7g2"},{"vulnerability":"VCID-tgd1-s1yg-9fdt"},{"vulnerability":"VCID-vgp6-jxqt-pbf4"},{"vulnerability":"VCID-vkb9-11h4-dugp"},{"vulnerability":"VCID-vnkw-9fa2-zqcm"},{"vulnerability":"VCID-x65e-31g3-77bp"},{"vulnerability":"VCID-xz41-1z86-37ew"},{"vulnerability":"VCID-y5uq-a6dx-3yd4"},{"vulnerability":"VCID-ygbu-vb2t-jqhx"},{"vulnerability":"VCID-z1gf-169n-m3af"},{"vulnerability":"VCID-zb3c-gnyc-yug8"},{"vulnerability":"VCID-zxww-8kb3-tufv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/147833?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chz-36wn-9fcv"},{"vulnerability":"VCID-2rjv-1thm-dugt"},{"vulnerability":"VCID-2v7h-fght-cugn"},{"vulnerability":"VCID-3yq7-n972-j7dh"},{"vulnerability":"VCID-4agy-6nsx-7ufh"},{"vulnerability":"VCID-579w-2k2v-efa2"},{"vulnerability":"VCID-6241-shkt-s7ew"},{"vulnerability":"VCID-6hrc-fm64-ckhf"},{"vulnerability":"VCID-6t1x-s2k2-b7bq"},{"vulnerability":"VCID-759g-hsfg-97f8"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-87fh-rvvb-6ubq"},{"vulnerability":"VCID-8bsh-bshc-vkgq"},{"vulnerability":"VCID-8mws-fbmg-cqa9"},{"vulnerability":"VCID-95ts-vpk6-uubg"},{"vulnerability":"VCID-at5c-f8p8-67fh"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-b7zy-qhz9-tuar"},{"vulnerability":"VCID-cm62-bsdz-yye2"},{"vulnerability":"VCID-d8as-n8hc-j3fj"},{"vulnerability":"VCID-dk2f-14xj-9bf8"},{"vulnerability":"VCID-evh9-mua1-2bem"},{"vulnerability":"VCID-fv6w-cdtc-kkhx"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-gv5f-auvz-5fda"},{"vulnerability":"VCID-h4yg-zrv6-aqa1"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hkjh-35ye-1ugj"},{"vulnerability":"VCID-j5su-cnqd-6yad"},{"vulnerability":"VCID-k6mz-k1yb-4uej"},{"vulnerability":"VCID-kdsa-599r-eud7"},{"vulnerability":"VCID-me84-wy85-hkf5"},{"vulnerability":"VCID-n2dn-bnjc-13gp"},{"vulnerability":"VCID-n4fb-crnk-eugz"},{"vulnerability":"VCID-nmgp-r7hb-5ke1"},{"vulnerability":"VCID-q96z-v3bs-k3dg"},{"vulnerability":"VCID-qqm4-frqy-bua5"},{"vulnerability":"VCID-r28t-sdc5-kbga"},{"vulnerability":"VCID-skbn-jggt-uffg"},{"vulnerability":"VCID-tcaj-6bcg-k7g2"},{"vulnerability":"VCID-tgd1-s1yg-9fdt"},{"vulnerability":"VCID-vgp6-jxqt-pbf4"},{"vulnerability":"VCID-vkb9-11h4-dugp"},{"vulnerability":"VCID-vnkw-9fa2-zqcm"},{"vulnerability":"VCID-x65e-31g3-77bp"},{"vulnerability":"VCID-xz41-1z86-37ew"},{"vulnerability":"VCID-y5uq-a6dx-3yd4"},{"vulnerability":"VCID-ygbu-vb2t-jqhx"},{"vulnerability":"VCID-z1gf-169n-m3af"},{"vulnerability":"VCID-zb3c-gnyc-yug8"},{"vulnerability":"VCID-zxww-8kb3-tufv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/22229?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2rjv-1thm-dugt"},{"vulnerability":"VCID-579w-2k2v-efa2"},{"vulnerability":"VCID-d8as-n8hc-j3fj"},{"vulnerability":"VCID-skbn-jggt-uffg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.1.0"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-6682","reference_id":"","reference_type":"","scores":[{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80846","published_at":"2026-05-16T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80685","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80708","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80712","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80725","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80742","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80763","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80783","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80778","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80796","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.8084","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80843","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80595","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80603","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80625","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80619","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80646","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80656","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80672","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80659","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80651","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.8068","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0143","scoring_system":"epss","scoring_elements":"0.80682","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-6682"},{"reference_url":"https://github.com/apache/struts","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/struts"},{"reference_url":"https://github.com/apache/struts/commit/09147ffad2b3046ed21af0f524c5088e2ac551e6","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/struts/commit/09147ffad2b3046ed21af0f524c5088e2ac551e6"},{"reference_url":"https://github.com/apache/struts/commit/bd3f2f59c9b09f70aed3ebab6bb69b464ee2d6cb","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/struts/commit/bd3f2f59c9b09f70aed3ebab6bb69b464ee2d6cb"},{"reference_url":"https://github.com/apache/struts/commit/dae026a0f0511f83852053bae9d5a622e7f80486","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/struts/commit/dae026a0f0511f83852053bae9d5a622e7f80486"},{"reference_url":"https://issues.apache.org/struts/browse/WW-2414","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.apache.org/struts/browse/WW-2414"},{"reference_url":"https://issues.apache.org/struts/browse/WW-2427","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://issues.apache.org/struts/browse/WW-2427"},{"reference_url":"https://web.archive.org/web/20080610075918/http://www.nabble.com/Feedback%3A-WW-2414%2C-XSS-attack-is-possible-if-using-%3Cs%3Aurl-...%3E-and-%3Cs%3Aa-...%3E-td14771449i20.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20080610075918/http://www.nabble.com/Feedback%3A-WW-2414%2C-XSS-attack-is-possible-if-using-%3Cs%3Aurl-...%3E-and-%3Cs%3Aa-...%3E-td14771449i20.html"},{"reference_url":"https://web.archive.org/web/20080611112834/http://www.nabble.com/Feedback%3A-WW-2414%2C-XSS-attack-is-possible-if-using-%3Cs%3Aurl-...%3E-and-%3Cs%3Aa-...%3E-td14771449.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20080611112834/http://www.nabble.com/Feedback%3A-WW-2414%2C-XSS-attack-is-possible-if-using-%3Cs%3Aurl-...%3E-and-%3Cs%3Aa-...%3E-td14771449.html"},{"reference_url":"https://web.archive.org/web/20200229155553/http://www.securityfocus.com/bid/34686","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200229155553/http://www.securityfocus.com/bid/34686"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-6682","reference_id":"CVE-2008-6682","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-6682"},{"reference_url":"https://github.com/advisories/GHSA-jgcr-9c2q-rvp8","reference_id":"GHSA-jgcr-9c2q-rvp8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jgcr-9c2q-rvp8"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":79,"name":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","description":"The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":"4.0 - 6.9","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-skbn-jggt-uffg"}