F5SOL9108SOL9108 - Apache Tomcat Cross-site scripting (XSS) vulnerability - CVE-2008-1232
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.02 Low
EPSS
Percentile
87.4%
A cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML through a crafted string that is used in the message argument to the HttpServletResponse.sendError method.
Information about this advisory is available at the following location:
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232>
Note: The previous link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.
Related
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.02 Low
EPSS
Percentile
87.4%