Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2008-6682

EPSS 1.43% · P81
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-6682

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) " (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apache Struts 多个跨站脚本攻击漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache Struts 2.0.11.1之前的2.0.x版本和2.1.1之前的2.1.x版本存在多个跨站脚本攻击漏洞。远程攻击者可以借助与对s:a标识的href属性中的"字符不恰当处理和s:url标识的行动属性中的参数相关的向量,注入任意的web脚本或HTML。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2008-6682

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2008-6682

Please Login to view more intelligence information

Same Patch Batch · n/a · 2009-04-09 · 31 CVEs total

CVE-2009-1155Cisco PIX和ASA设备绕过VPN认证漏洞
CVE-2009-1254James Stone Tunapie远程代码执行漏洞
CVE-2009-1253Tunapie不安全临时文件创建漏洞
CVE-2009-1251OpenAFS Unix缓存管理器堆溢出漏洞
CVE-2009-1250OpenAFS出错代码远程拒绝服务漏洞
CVE-2009-0847MIT Kerberos 解码器ASN.1函数get_input_token 拒绝服务漏洞
CVE-2009-0846MIT Kerberos 程序asn1_decode.c函数asn1_decode_generaltime 拒绝服务漏洞
CVE-2009-0844MIT Kerberos 工具SPNEGO函数get_input_token 拒绝服务漏洞
CVE-2009-1276Sun Solaris 和OpenSolaris信息泄露漏洞
CVE-2009-1275Apache Tiles 跨站脚本攻击和信息泄露漏洞
CVE-2009-1160Cisco PIX和ASA设备绕过ACL漏洞
CVE-2009-1159Cisco PIX和ASA设备SQL*Net报文拒绝服务漏洞
CVE-2009-1158Cisco PIX和ASA设备特制H.323报文拒绝服务漏洞
CVE-2009-1157Cisco PIX和ASA设备 特制TCP报文拒绝服务漏洞
CVE-2009-1156Cisco PIX和ASA设备特制HTTP报文拒绝服务漏洞
CVE-2009-1277Gravity Board X 'index.php' SQL注入漏洞
CVE-2009-1144Foolabs Xpdf本地特权提升漏洞
CVE-2009-0793OpenJDK 输入验证错误漏洞
CVE-2009-0197IrfanView 插件FORMATS 整数溢出漏洞
CVE-2008-6681Dojotoolkit Dojo 'dijit.Editor' 跨站脚本攻击漏洞

Showing top 20 of 31 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2008-6682

No comments yet

Leave a comment