Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2016-2162

Disclosure Date: April 12, 2016 (last updated October 05, 2023)
Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale object constructed by I18NInterceptor, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors involving language display.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0