Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2005-3745

Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message.

  • Published: Nov 22, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2005-3745
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
apache / struts 1.2.7 1.2.7.x