Lucene search
Veracode Vulnerability DatabaseVERACODE:7707HistoryNov 09, 2018 - 12:58 a.m.
Cross-Site Scripting (XSS)
2018-11-0900:58:46
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
0.005 Low
EPSS
Percentile
76.6%
Apache Tiles is susceptible to cross-site scripting (XSS) attacks. It does not limit the evaluation of Expression Language (EL) expressions in certain circumstances, allowing the attacker to trigger the attack via (1) tiles:putAttribute and (2) tiles:insertTemplate JSP tags.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tiles - jsp support | le | 2.1.1 | |
| tiles - core library | le | 2.1.1 |
Related
osv
osv
Apache Tiles Vulnerable to XSS via EL Expression Injection
2022-05-02 03:23:16
cvelist
cvelist
CVE-2009-1275
2009-04-09 15:00:00
nvd
nvd
CVE-2009-1275
2009-04-09 15:08:35
cve
cve
CVE-2009-1275
2009-04-09 15:08:35
openvas
openvas
Apache Tiles Multiple XSS Vulnerabilities
2009-04-28 00:00:00
Apache Tiles Multiple XSS Vulnerability
2009-04-28 00:00:00
github
github
Apache Tiles Vulnerable to XSS via EL Expression Injection
2022-05-02 03:23:16
debiancve
debiancve
CVE-2009-1275
2009-04-09 15:08:35
prion
prion
Cross site scripting
2009-04-09 15:08:00