1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
Candidate: CVE-2015-2992
PublicDate: 2015-10-09
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2992
https://bugzilla.redhat.com/show_bug.cgi?id=1260101
https://struts.apache.org/docs/s2-025.html
Description:
XSS vulnerability when JSP files are exposed to be accessed directly
Ubuntu-Description:
Notes:
sbeattie> Affected versions are Struts 2.0.0 - 2.3.16.3.
Bugs:
Priority: low
Discovered-by:
Assigned-to:
Patches_libstruts1.2-java:
upstream_libstruts1.2-java: needs-triage
precise_libstruts1.2-java: not-affected (2.x only)
trusty_libstruts1.2-java: not-affected (2.x only)
vivid_libstruts1.2-java: DNE
devel_libstruts1.2-java: DNE
|