← back
CVE-2015-2992

CVE-2015-2992

EPSS 7.2%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 7.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
27 Feb 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability.
Affected products
Apache Software Foundation · Apache Struts

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000124.htmlhttp://jvn.jp/en/jp/JVN88408929/index.htmlhttps://security.netapp.com/advisory/ntap-20200330-0001/http://www.securityfocus.com/bid/76624