Lucene search
F5F5:K17449HistoryOct 16, 2015 - 12:00 a.m.
K17449 : Apache Struts 2 vulnerability CVE-2015-5169
2015-10-1600:00:00
my.f5.com
17
Security Advisory Description
Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20. (CVE-2015-5169)
When debug mode is switched on in Apache Struts, under certain conditions, an arbitrary script may be executed in the ‘Problem Report’ screen. Affected versions are Struts 2.0.0 - 2.3.16.3.
Impact
There is no impact; F5 products are not affected by this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.3.0 | |
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 12.0.0 | |
| big-ip analytics | eq | 11.0.0 |
Related
osv
osv
Cross-site Scripting in Apache Struts
2022-05-14 01:57:02
prion
prion
Cross site scripting
2017-09-25 21:29:00
github
github
Cross-site Scripting in Apache Struts
2022-05-14 01:57:02
jvn
jvn
JVN#95989300: Apache Struts vulnerable to cross-site scripting
2015-09-04 00:00:00
cve
cve
CVE-2015-5169
2017-09-25 21:29:00
f5
f5
SOL17449 - Apache Struts 2 vulnerability CVE-2015-5169
2015-10-16 00:00:00
ubuntucve
ubuntucve
CVE-2015-5169
2017-09-25 00:00:00
cvelist
cvelist
CVE-2015-5169
2017-09-25 21:00:00
openvas
openvas
Apache Struts 'Problem Report' XSS Vulnerability (S2-025)
2017-10-06 00:00:00
Apache Struts Security Update (S2-021, S2-022, S2-023, S2-025)
2019-08-28 00:00:00
nvd
nvd
CVE-2015-5169
2017-09-25 21:29:00
nessus
nessus
Apache Struts 2 Multiple Vulnerabilities (S2-023) (S2-025)
2014-12-10 00:00:00
