Test ID:	1.3.6.1.4.1.25623.1.0.900496
Category:	Web application abuses
Title:	Apache Tiles Multiple XSS Vulnerabilities
Summary:	Apache Tiles is prone to multiple cross-site scripting vulnerabilities.
Description:	Summary: Apache Tiles is prone to multiple cross-site scripting vulnerabilities. Vulnerability Insight: This flaw is due to attribute values or templates being defined by using JSP tags 'tiles:putAttribute', 'tiles:insertTemplate' which are being evaluated twice. Vulnerability Impact: Successful exploitation will let the attacker access the server context inside the tiles web application and perform XSS attacks. Affected Software/OS: Apache Tiles version 2.1 to 2.1.1. Solution: Upgrade your Apache Tiles version to 2.1.2. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1275 BugTraq ID: 34657 http://www.securityfocus.com/bid/34657
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.