CVE-2005-3745 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2005-3745 Interim 1 3 2021-06-09T08:35:36Z current 2021-05-30T12:34:15Z 2021-06-09T08:35:36Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2005-3745 Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/kb/doc/?id=7018709 E-Mail link for TID7018709 https://www.suse.com/support/security/rating/ SUSE Security Ratings Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message. CVE-2005-3745 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N