Lucene search

K
cvelistRedhatCVELIST:CVE-2007-3386
HistoryAug 14, 2007 - 10:00 p.m.

CVE-2007-3386

2007-08-1422:00:00
redhat
www.cve.org
8

AI Score

6.8

Confidence

High

EPSS

0.012

Percentile

85.4%

Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.

References