logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2022-34305

Description

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.


Affected Package


OS OS Version Package Name Package Version
Debian 12 tomcat9 9.0.64-2
Debian 11 tomcat9 9.0.43-2~deb11u3
Debian 10 tomcat9 9.0.31-1~deb10u6
Debian 999 tomcat9 9.0.65-1

Related