In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.
{"veracode": [{"lastseen": "2022-07-02T02:30:49", "description": "tomcat is vulnerable to cross-site scripting. The vulnerability exists because the user-provided `name`, `value`, and `type` form attributes are not filtered before being displayed on the web page, allowing an attacker to inject and execute malicious javascript.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-06-24T04:07:07", "type": "veracode", "title": "Cross-site Scripting (XSS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-34305"], "modified": "2022-06-29T18:43:02", "id": "VERACODE:36106", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-36106/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2022-07-01T21:06:25", "description": "The version of Apache Tomcat installed on the remote host is 8.5.50 to 8.5.81, 9.0.30 to 9.0.64, 10.0.0-M1 to 10.0.22 or 10.1.0-M1 to 10.1.0-M16. It is, therefore, affected by a Cross-Site Scripting (XSS) vulnerability. The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.\n\nNote that the scanner has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2022-06-27T00:00:00", "type": "nessus", "title": "Apache Tomcat 10.0.0-M1 < 10.0.23 Cross-Site Scripting", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-34305"], "modified": "2022-06-27T00:00:00", "cpe": ["cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_113263", "href": "https://www.tenable.com/plugins/was/113263", "sourceData": "No source data", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-01T21:06:25", "description": "The version of Apache Tomcat installed on the remote host is 8.5.50 to 8.5.81, 9.0.30 to 9.0.64, 10.0.0-M1 to 10.0.22 or 10.1.0-M1 to 10.1.0-M16. It is, therefore, affected by a Cross-Site Scripting (XSS) vulnerability. The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.\n\nNote that the scanner has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2022-06-27T00:00:00", "type": "nessus", "title": "Apache Tomcat 10.1.0-M1 < 10.1.0-M17 Cross-Site Scripting", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-34305"], "modified": "2022-06-27T00:00:00", "cpe": ["cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_113262", "href": "https://www.tenable.com/plugins/was/113262", "sourceData": "No source data", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-01T17:38:32", "description": "The version of Tomcat installed on the remote host is prior to 10.0.23. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_10.0.23_security-10 advisory.\n\n - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. (CVE-2022-34305)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2022-06-23T00:00:00", "type": "nessus", "title": "Apache Tomcat 10.0.0.M1 < 10.0.23 vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-34305"], "modified": "2022-06-23T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_10_0_23.NASL", "href": "https://www.tenable.com/plugins/nessus/162499", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162499);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/23\");\n\n script_cve_id(\"CVE-2022-34305\");\n\n script_name(english:\"Apache Tomcat 10.0.0.M1 < 10.0.23 vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by a vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Tomcat installed on the remote host is prior to 10.0.23. It is, therefore, affected by a vulnerability as\nreferenced in the fixed_in_apache_tomcat_10.0.23_security-10 advisory.\n\n - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the\n Form authentication example in the examples web application displayed user provided data without\n filtering, exposing a XSS vulnerability. (CVE-2022-34305)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://github.com/apache/tomcat/commit/1a7e95d9c3ef18c4efb5eb997fd1553a71dc6c80\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d3e93497\");\n # https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.23\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2d58ef8e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 10.0.23 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-34305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude('tomcat_version.inc');\n\ntomcat_check_version(fixed: '10.0.23', min:'10.0.0.M1', severity:SECURITY_WARNING, granularity_regex: \"^10(\\.0)?$\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-01T17:37:09", "description": "The version of Tomcat installed on the remote host is prior to 10.1.0.M17. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_10.1.0-m17_security-10 advisory.\n\n - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. (CVE-2022-34305)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2022-06-23T00:00:00", "type": "nessus", "title": "Apache Tomcat 10.1.0.M1 < 10.1.0.M17 vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-34305"], "modified": "2022-06-23T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_10_1_0_M17.NASL", "href": "https://www.tenable.com/plugins/nessus/162500", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162500);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/23\");\n\n script_cve_id(\"CVE-2022-34305\");\n\n script_name(english:\"Apache Tomcat 10.1.0.M1 < 10.1.0.M17 vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by a vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Tomcat installed on the remote host is prior to 10.1.0.M17. It is, therefore, affected by a vulnerability\nas referenced in the fixed_in_apache_tomcat_10.1.0-m17_security-10 advisory.\n\n - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the\n Form authentication example in the examples web application displayed user provided data without\n filtering, exposing a XSS vulnerability. (CVE-2022-34305)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://github.com/apache/tomcat/commit/d6251d1cfb683f1bdd00ed022ac8e9b9a7e7792c\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d26e91c9\");\n # https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.0-M17\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0cfa77cc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 10.1.0.M17 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-34305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude('tomcat_version.inc');\n\ntomcat_check_version(fixed: '10.1.0.M17', min:'10.1.0.M1', severity:SECURITY_WARNING, granularity_regex: \"^(10(\\.1(\\.0)?)?)$\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-01T17:39:11", "description": "The version of Tomcat installed on the remote host is prior to 8.5.82. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.5.82_security-8 advisory.\n\n - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. (CVE-2022-34305)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2022-06-23T00:00:00", "type": "nessus", "title": "Apache Tomcat 8.5.50 < 8.5.82 vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-34305"], "modified": "2022-06-23T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_8_5_82.NASL", "href": "https://www.tenable.com/plugins/nessus/162502", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162502);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/23\");\n\n script_cve_id(\"CVE-2022-34305\");\n\n script_name(english:\"Apache Tomcat 8.5.50 < 8.5.82 vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by a vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Tomcat installed on the remote host is prior to 8.5.82. It is, therefore, affected by a vulnerability as\nreferenced in the fixed_in_apache_tomcat_8.5.82_security-8 advisory.\n\n - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the\n Form authentication example in the examples web application displayed user provided data without\n filtering, exposing a XSS vulnerability. (CVE-2022-34305)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://github.com/apache/tomcat/commit/5f6c88b054b0e4fbccff8b7f15974ed55d59a9f7\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e84fe261\");\n # https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.82\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?315f2329\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 8.5.82 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-34305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude('tomcat_version.inc');\n\ntomcat_check_version(fixed: '8.5.82', min:'8.5.50', severity:SECURITY_WARNING, granularity_regex: \"^8(\\.5)?$\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-01T21:06:24", "description": "The version of Apache Tomcat installed on the remote host is 8.5.50 to 8.5.81, 9.0.30 to 9.0.64, 10.0.0-M1 to 10.0.22 or 10.1.0-M1 to 10.1.0-M16. It is, therefore, affected by a Cross-Site Scripting (XSS) vulnerability. The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.\n\nNote that the scanner has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2022-06-27T00:00:00", "type": "nessus", "title": "Apache Tomcat 9.0.30 < 9.0.65 Cross-Site Scripting", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-34305"], "modified": "2022-06-27T00:00:00", "cpe": ["cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_113264", "href": "https://www.tenable.com/plugins/was/113264", "sourceData": "No source data", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-01T21:06:22", "description": "The version of Apache Tomcat installed on the remote host is 8.5.50 to 8.5.81, 9.0.30 to 9.0.64, 10.0.0-M1 to 10.0.22 or 10.1.0-M1 to 10.1.0-M16. It is, therefore, affected by a Cross-Site Scripting (XSS) vulnerability. The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.\n\nNote that the scanner has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2022-06-27T00:00:00", "type": "nessus", "title": "Apache Tomcat 8.5.50 < 8.5.82 Cross-Site Scripting", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-34305"], "modified": "2022-06-27T00:00:00", "cpe": ["cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_113265", "href": "https://www.tenable.com/plugins/was/113265", "sourceData": "No source data", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-01T17:37:56", "description": "The version of Tomcat installed on the remote host is prior to 9.0.65. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_9.0.65_security-9 advisory.\n\n - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. (CVE-2022-34305)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2022-06-23T00:00:00", "type": "nessus", "title": "Apache Tomcat 9.0.30 < 9.0.65 vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-34305"], "modified": "2022-06-23T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_9_0_65.NASL", "href": "https://www.tenable.com/plugins/nessus/162498", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162498);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/23\");\n\n script_cve_id(\"CVE-2022-34305\");\n\n script_name(english:\"Apache Tomcat 9.0.30 < 9.0.65 vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by a vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Tomcat installed on the remote host is prior to 9.0.65. It is, therefore, affected by a vulnerability as\nreferenced in the fixed_in_apache_tomcat_9.0.65_security-9 advisory.\n\n - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the\n Form authentication example in the examples web application displayed user provided data without\n filtering, exposing a XSS vulnerability. (CVE-2022-34305)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://github.com/apache/tomcat/commit/8b60af90b99945379c2d1003277e0cabc6776bac\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?addecbc6\");\n # https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.65\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?18afbeaa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 9.0.65 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-34305\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude('tomcat_version.inc');\n\ntomcat_check_version(fixed: '9.0.65', min:'9.0.30', severity:SECURITY_WARNING, granularity_regex: \"^9(\\.0)?$\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "debiancve": [{"lastseen": "2022-07-04T06:02:45", "description": "In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-06-23T11:15:00", "type": "debiancve", "title": "CVE-2022-34305", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-34305"], "modified": "2022-06-23T11:15:00", "id": "DEBIANCVE:CVE-2022-34305", "href": "https://security-tracker.debian.org/tracker/CVE-2022-34305", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "github": [{"lastseen": "2022-07-05T19:57:36", "description": "In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-06-24T00:00:32", "type": "github", "title": "Cross-site Scripting in Apache Tomcat", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-34305"], "modified": "2022-07-05T18:03:05", "id": "GHSA-6J88-6WHG-X687", "href": "https://github.com/advisories/GHSA-6j88-6whg-x687", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "redhatcve": [{"lastseen": "2022-07-05T22:58:31", "description": "A flaw was found in the Apache Tomcat package. An example web application did not filter the form authentication example, exposing a Cross-site scripting (XSS) vulnerability.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-06-30T18:05:42", "type": "redhatcve", "title": "CVE-2022-34305", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-34305"], "modified": "2022-07-05T21:05:59", "id": "RH:CVE-2022-34305", "href": "https://access.redhat.com/security/cve/cve-2022-34305", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "osv": [{"lastseen": "2022-07-06T05:22:19", "description": "In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-06-24T00:00:32", "type": "osv", "title": "Cross-site Scripting in Apache Tomcat", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-34305"], "modified": "2022-07-06T01:42:55", "id": "OSV:GHSA-6J88-6WHG-X687", "href": "https://osv.dev/vulnerability/GHSA-6j88-6whg-x687", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}