CVE-2015-2992

Description

Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability.

Affected products

• Apache Software Foundation / Apache Strutsbefore 2.3.20 – before 2.3.20

References

• MISChttp://jvn.jp/en/jp/JVN88408929/index.html
• MISChttp://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000124.html
• MISChttp://www.securityfocus.com/bid/76624
• MISChttps://security.netapp.com/advisory/ntap-20200330-0001/