CVE-2005-3745 – Apache Struts 1.2.7 - Error Response Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2005-3745

22 Nov 2005 — Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Apache Struts 1.2.7, y posiblemente otras versiones, permite a atacantes remotos inyectar 'script' web o HTML de su elección mediante la cadena de consulta, que no es entr... • https://www.exploit-db.com/exploits/26542 •