This host is running Apache Struts Showcase and is prone to multiple persistence cross-site scripting vulnerabilities.
Successful exploitation could allow an attacker to execute arbitrary HTML code in a user's browser session in the context of a vulnerable application. Impact Level: Application.
Update Apache Struts to version 2.3.3 or later, For updates refer to http://struts.apache.org/download.cgi
Multiple flaws due to an, - Input passed via the 'name' and 'lastName' parameter in '/struts2-showcase/person/editPerson.action' is not properly verified before it is returned to the user. - Input passed via the 'clientName' parameter in '/struts2-rest-showcase/orders' action is not properly verified before it is returned to the user.
Apache Struts2 (Showcase) version 2.x to 2.2.3
- 1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
- Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability
- Apache Tomcat source.jsp malformed request information disclosure
- Apache Subversion Module Metadata Accessible
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities