tomcat -- Cross-site scripting vulnerability

ID 553EC4ED-38D6-11E0-94B1-000C29BA66D2
Type freebsd
Reporter FreeBSD
Modified 2011-09-30T00:00:00


The Tomcat security team reports:

The HTML Manager interface displayed web applciation provided data, such as display names, without filtering. A malicious web application could trigger script execution by an administartive user when viewing the manager pages.