Tomcat 4.0.6 / 6.0.37 Struts 1.2.8 XSS CVE-2006-1548

Hello, I have a strange issue, I am trying to track down the root cause for an ancient CVE-2006-1548 http://struts.1045723.n5.nabble.com/DO-NOT-REPLY-Bug-38749-New-XSS-vulnerability-in-LookupDispatchAction-td3510079.html I can replicate the XSS in Tomcat 4.0.6, however in Tomcat 6.0.37 the html

Re: Tomcat 4.0.6 / 6.0.37 Struts 1.2.8 XSS CVE-2006-1548

18 at 11:46 Mark Thomas wrote: > On 17 May 2018 15:46:07 BST, Chris Bonk wrote: > >Hello, > > > >I have a strange issue, I am trying to track down the root cause for an > >ancient CVE-2006-1548 > > > > > http://struts.1045723.n5.nabble.com/DO-NOT-REPL