Moderate severityNVD Advisory· Published Feb 27, 2020· Updated Aug 6, 2024
CVE-2015-2992
CVE-2015-2992
Description
Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.struts:struts2-coreMaven | < 2.3.20 | 2.3.20 |
Affected products
2Patches
Vulnerability mechanics
References
9- github.com/advisories/GHSA-265r-pp83-gww7ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-2992ghsaADVISORY
- jvn.jp/en/jp/JVN88408929/index.htmlghsax_refsource_MISCWEB
- jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000124.htmlghsax_refsource_MISCWEB
- www.securityfocus.com/bid/76624ghsax_refsource_MISCWEB
- cwiki.apache.org/confluence/display/WW/S2-025ghsaWEB
- cwiki.apache.org/confluence/display/WW/SecurityghsaWEB
- security.netapp.com/advisory/ntap-20200330-0001ghsaWEB
- security.netapp.com/advisory/ntap-20200330-0001/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.