What is CVE-2005-3745?

CVE-2005-3745 is a vulnerability in N/a. Published 2005-11-22.

Is CVE-2005-3745 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2005-3745

Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request han…

EPSS: 0.591 (98.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

RHSA-2006:0161 (x_refsource_REDHAT, vendor-advisory)
ADV-2005-2525 (vdb-entry, x_refsource_VUPEN)
21021 (x_refsource_OSVDB, vdb-entry)
15512 (vdb-entry, x_refsource_BID)
www.hacktics.com/AdvStrutsNov05.html (x_refsource_MISC)
20051121 Security Advisory: Struts Error Message Cross Site Scripting (mailing-list, x_refsource_BUGTRAQ)
RHSA-2006:0157 (x_refsource_REDHAT, vendor-advisory)
1015257 (vdb-entry, x_refsource_SECTRACK)
197 (x_refsource_SREASON, third-party-advisory)
17677 (x_refsource_SECUNIA, third-party-advisory)

Frequently asked questions

What is CVE-2005-3745?: CVE-2005-3745 is a vulnerability in N/a. Published 2005-11-22.
Is CVE-2005-3745 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.