Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-3383
HistoryJul 25, 2007 - 5:30 p.m.

CVE-2007-3383

2007-07-2517:30:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
30
cve-2007-3383
cross-site scripting
xss
sendmailservlet
apache tomcat
web application security
remote code injection

5.5 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.494 Medium

EPSS

Percentile

97.5%

JSON

Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages.

References

Related

prion 1
github 1
cert 1
osv 1
veracode 1
nessus 4
securityvulns 2
ubuntucve 1
tomcat 1
openvas 2
prion
prion
Cross site scripting
2007-07-25 17:30:00
github
github
Apache Tomcat SendMailServlet XSS
2022-05-01 18:13:14
cert
cert
Apache Tomcat SendMailServlet example vulnerable to cross-site scripting via FROM field
2007-07-22 00:00:00
osv
osv
Apache Tomcat SendMailServlet XSS
2022-05-01 18:13:14
veracode
veracode
Cross-site Scripting (XSS)
2019-03-26 01:19:45
nessus
nessus
Apache Tomcat SendMailServlet sendmail.jsp 'mailfrom' Parameter XSS
2007-09-06 00:00:00
Apache Tomcat 4.x < 4.1.37 Multiple Vulnerabilities
2010-06-16 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2008-004)
2008-07-01 00:00:00
securityvulns
securityvulns
CVE-2007-3383: XSS in Tomcat send mail example
2007-07-23 00:00:00
Apache Tomcat crossite scripting
2007-09-04 00:00:00
ubuntucve
ubuntucve
CVE-2007-3383
2007-07-25 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 4.1.37
2005-10-06 00:00:00
openvas
openvas
Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004
2010-05-12 00:00:00
Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004
2010-05-12 00:00:00

5.5 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.494 Medium

EPSS

Percentile

97.5%

JSON
Related for CVE-2007-3383
prion1github1cert1osv1veracode1nessus4securityvulns2ubuntucve1tomcat1openvas2