Apache Struts CVE-2015-5169 Cross Site Scripting Vulnerability
Description
When the Struts2 debug mode is turned on, under certain conditionsan arbitraryscript may be executed in the 'Problem Report' screen. Also if JSP files are exposed to be accessed directly it's possible to execute an arbitrary script.
Affected Applications
Apache Struts