Details
Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters."Novell Bugzilla entry: 385273 SUSE Security Advisories:
- SUSE-SR:2009:008 , published Mon, 06 Apr 2009 15:00:00 +0000
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SLE 11 |
| sle11. ppc sle11. x86-64 sle11. x86 sle11. ia64 sle11. s390x SAT Patch Nr: 724 |
| openSUSE 10.3 |
| ZYPP Patch Nr: 5872 SAT Patch Nr: 371 |
| openSUSE 11.0 |
| ZYPP Patch Nr: 5872 SAT Patch Nr: 371 |
| openSUSE 11.1 |
| ZYPP Patch Nr: 5872 SAT Patch Nr: 371 |