Lucene search
FreeBSDAB2575D6-39F0-11DC-B8CC-000FEA449B8AHistoryMay 19, 2007 - 12:00 a.m.
tomcat -- XSS vulnerability in sample applications
2007-05-1900:00:00
vuxml.freebsd.org
26
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.079 Low
EPSS
Percentile
94.2%
The Apache Project reports:
The JSP and Servlet included in the sample application within
the Tomcat documentation webapp did not escape user provided
data before including it in the output. This enabled a XSS
attack. These pages have been simplified not to use any user
provided data in the output.
Related
packetstorm
packetstorm
CVE-2007-1355.txt
2007-05-22 00:00:00
openvas
openvas
FreeBSD Ports: apache-tomcat
2008-09-04 00:00:00
Fedora Update for tomcat5 FEDORA-2007-3456
2009-02-27 00:00:00
securityvulns
securityvulns
[CVE-2007-1355] Tomcat documentation XSS vulnerabilities
2007-05-19 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2019-03-25 08:40:43
ubuntucve
ubuntucve
CVE-2007-1355
2007-05-21 00:00:00
nessus
nessus
Tomcat Sample App hello.jsp 'test' Parameter XSS
2007-05-21 00:00:00
FreeBSD : tomcat -- XSS vulnerability in sample applications (ab2575d6-39f0-11dc-b8cc-000fea449b8a)
2007-07-27 00:00:00
Apache Tomcat < 6.0.13 Multiple Vulnerabilities
2011-11-18 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 5.5.24, 5.0.SVN
2007-03-08 00:00:00
Fixed in Apache Tomcat 6.0.11
2005-06-30 00:00:00
Fixed in Apache Tomcat 4.1.37
2005-10-06 00:00:00
prion
prion
Cross site scripting
2007-05-21 20:30:00
cve
cve
CVE-2007-1355
2007-05-21 20:30:00
fedora
fedora
[SECURITY] Fedora 8 Update: tomcat5-5.5.25-1jpp.1.fc8
2007-11-17 05:37:36
[SECURITY] Fedora 7 Update: tomcat5-5.5.25-1jpp.1.fc7
2007-11-17 05:34:43
[SECURITY] Fedora 7 Update: tomcat5-5.5.26-1jpp.2.fc7
2008-02-13 04:55:03
altlinux
altlinux
redhat
redhat
(RHSA-2008:0630) Low: Red Hat Network Satellite Server security update
2008-08-13 00:00:00
(RHSA-2008:0261) Moderate: Red Hat Network Satellite Server security update
2008-05-20 00:00:00
(RHSA-2008:0524) Low: Red Hat Network Satellite Server security update
2008-06-30 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.079 Low
EPSS
Percentile
94.2%
Related for AB2575D6-39F0-11DC-B8CC-000FEA449B8A