Apache Struts CVE-2015-5169 Cross Site Scripting Vulnerability

description-logoDescription

When the Struts2 debug mode is turned on, under certain conditionsan arbitraryscript may be executed in the 'Problem Report' screen. Also if JSP files are exposed to be accessed directly it's possible to execute an arbitrary script.

affected-products-logoAffected Applications

Apache Struts

CVE References

CVE-2015-5169