This host is running Apache Struts Showcase and is prone to multiple persistence cross-site scripting vulnerabilities.
Successful exploitation could allow an attacker to execute arbitrary HTML code in a user's browser session in the context of a vulnerable application. Impact Level: Application.
Update Apache Struts to version 2.3.3 or later, For updates refer to http://struts.apache.org/download.cgi
Multiple flaws due to an, - Input passed via the 'name' and 'lastName' parameter in '/struts2-showcase/person/editPerson.action' is not properly verified before it is returned to the user. - Input passed via the 'clientName' parameter in '/struts2-rest-showcase/orders' action is not properly verified before it is returned to the user.
Apache Struts2 (Showcase) version 2.x to 2.2.3
- Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
- Apple Safari Multiple Vulnerabilities
- An Image Gallery Multiple Cross-Site Scripting Vulnerability
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities
- Andromeda Streaming MP3 Server Cross Site Scripting Vulnerability