Description
Multiple cross-site scripting (XSS) vulnerabilities in component handlers in the javatemplates (aka Java Templates) plugin in Apache Struts 2.x before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via an arbitrary parameter value to a .action URI, related to improper handling of value attributes in (1) FileHandler.java, (2) HiddenHandler.java, (3) PasswordHandler.java, (4) RadioHandler.java, (5) ResetHandler.java, (6) SelectHandler.java, (7) SubmitHandler.java, and (8) TextFieldHandler.java.
Remediation
References
http://struts.apache.org/2.2.3/docs/version-notes-223.html
http://www.vupen.com/english/advisories/2011/1198
https://issues.apache.org/jira/browse/WW-3597
https://issues.apache.org/jira/browse/WW-3608
Related Vulnerabilities
CVE-2020-28052 Vulnerability in maven package org.bouncycastle:bcprov-jdk15to18
CVE-2023-34047 Vulnerability in maven package org.springframework.graphql:spring-graphql
CVE-2010-3718 Vulnerability in maven package tomcat:catalina
CVE-2018-1999038 Vulnerability in maven package org.jenkins-ci.plugins:publish-over-cifs
CVE-2017-5641 Vulnerability in maven package org.apache.flex.blazeds:blazeds