Red Hat Bugzilla – Bug 723828
CVE-2011-2087 struts: Multiple XSS flaws in component handlers in javatemplates plug-in
Last modified: 2016-03-04 05:46:49 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-2087 to the following vulnerability: Multiple cross-site scripting (XSS) vulnerabilities in component handlers in the javatemplates (aka Java Templates) plugin in Apache Struts 2.x before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via an arbitrary parameter value to a .action URI, related to improper handling of value attributes in (1) FileHandler.java, (2) HiddenHandler.java, (3) PasswordHandler.java, (4) RadioHandler.java, (5) ResetHandler.java, (6) SelectHandler.java, (7) SubmitHandler.java, and (8) TextFieldHandler.java. References: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2087 [2] http://struts.apache.org/2.2.3/docs/version-notes-223.html [3] https://issues.apache.org/jira/browse/WW-3597 [4] https://issues.apache.org/jira/browse/WW-3608 [5] http://www.vupen.com/english/advisories/2011/1198
Based on: [6] https://bugzilla.novell.com/show_bug.cgi?id=693976#c3 it's more than likely this flaw would not affect any of our Struts-1.x package version, shipped across different supported products. But we need to double-check, confirm and note this.
This issue only affects struts 2.x. The release notes for struts 2.2.3 show it fixed only in the 2.x stream: http://struts.apache.org/2.2.3/docs/version-notes-223.html Statement: Not vulnerable. This issue did not affect the versions of struts as shipped with Red Hat Enterprise Linux 5, Red Hat Network Satellite 5, JBoss Enterprise Web Server 1, JBoss Enterprise Application Platform 4, JBoss Enterprise Portal Platform 4 and JBoss Operations Network 2.