Moderate severityNVD Advisory· Published Nov 22, 2005· Updated Jun 16, 2026
CVE-2005-3745
CVE-2005-3745
Description
Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.struts:struts-coreMaven | <= 1.2.7 | — |
Affected products
2Patches
Vulnerability mechanics
References
22- www.hacktics.com/AdvStrutsNov05.htmlnvdExploitPatchVendor Advisory
- www.securityfocus.com/bid/15512nvdExploitPatch
- github.com/advisories/GHSA-9cjh-qmvx-436cghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2005-3745ghsaADVISORY
- www.redhat.com/support/errata/RHSA-2006-0157.htmlnvdWEB
- www.redhat.com/support/errata/RHSA-2006-0161.htmlnvdWEB
- lists.apache.org/thread.html/r02c2d634fa74209d941c90f9a4cd36a6f12366ca65f9b90446ff2de3@%3Cissues.struts.apache.org%3EghsaWEB
- lists.apache.org/thread.html/rf482c101a88445d73cc2e89dbf7f16ae00a4aa79a544a1e72b2326db@%3Cissues.struts.apache.org%3EghsaWEB
- web.archive.org/web/20051230061138/http://www.hacktics.com/AdvStrutsNov05.htmlghsaWEB
- web.archive.org/web/20060315133810/http://securitytracker.com/alerts/2005/Nov/1015257.htmlghsaWEB
- web.archive.org/web/20060408105414/http://www.securityfocus.com/bid/15512ghsaWEB
- web.archive.org/web/20201125023452/http://www.securityfocus.com/archive/1/417296/30/0/threadedghsaWEB
- web.archive.org/web/20201207010315/https://cxsecurity.com/issue/WLB-2005110055ghsaWEB
- secunia.com/advisories/17677nvd
- secunia.com/advisories/18341nvd
- securityreason.com/securityalert/197nvd
- securitytracker.com/idnvd
- www.osvdb.org/21021nvd
- www.securityfocus.com/archive/1/417296/30/0/threadednvd
- www.vupen.com/english/advisories/2005/2525nvd
- lists.apache.org/thread.html/r02c2d634fa74209d941c90f9a4cd36a6f12366ca65f9b90446ff2de3%40%3Cissues.struts.apache.org%3Envd
- lists.apache.org/thread.html/rf482c101a88445d73cc2e89dbf7f16ae00a4aa79a544a1e72b2326db%40%3Cissues.struts.apache.org%3Envd
News mentions
0No linked articles in our index yet.