Vulnerability & Exploit Database

Back to search

Apache Tomcat Host Manager Cross-Site Scripting Vulnerability

Severity CVSS Published Added Modified
4 (AV:N/AC:M/Au:N/C:N/I:P/A:N) June 03, 2008 June 17, 2008 February 12, 2015

Description

Some versions of Apache Tomcat fail to properly sanitize the the hostname parameter, "name". This could allow cross-site scripting attacks by injecting arbitrary web script or HTML via the 'name' parameter.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

tomcat-5x-upgrade-5_5_27

Related Vulnerabilities