CVE-2005-3745
published 2005-11-22


Priority: P4 (25)
CVSS 2.0: 4.3 medium (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Exploit: yes
EPSS: 25.71% (97.7th percentile)
Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message.

Affected (1 range)

Vendor    Product    Version range    Fixed in
apache    struts

Detection & IOCs (extracted from sources)

URL: http://www.example.com/struts-virtdir/alert('test').do
  • The XSS payload is injected via the query string of a .do request and triggers an error response from the Struts request handler: monitor HTTP requests to Struts endpoints (.do) whose URI or query string contains script injection patterns.
  • The exploit PoC embeds JavaScript directly in the URL path segment (not in a query parameter) of a .do Struts action: inspect the full request URI, not just the query string, for script tags or JavaScript function calls.
  • Exploitation may be used to steal cookie-based authentication credentials: correlate XSS attempts against Struts .do endpoints with subsequent suspicious cookie exfiltration activity.
  • The vulnerability does NOT affect Struts running on Tomcat (Red Hat's supported configuration); only unsupported deployment modes are vulnerable.

CVSS provenance

Source          Version    Score    Severity    Vector
nvd             v2.0       4.3      MEDIUM      AV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_redhat              4.3      MEDIUM