Lucene search
GitHub Advisory DatabaseGHSA-5HGM-QM5M-5VMWHistoryApr 29, 2022 - 1:25 a.m.
Jakarta Tomcat cross-site scripting (XSS) vulnerability
2022-04-2901:25:44
CWE-79
GitHub Advisory Database
github.com
6
0.933 High
EPSS
Percentile
99.1%
Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.apache.tomcat:tomcat | le | 3.3.1a |
References
jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/
jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
secunia.com/advisories/7972
www.ciac.org/ciac/bulletins/n-060.shtml
www.debian.org/security/2003/dsa-246
www.osvdb.org/9203
www.osvdb.org/9204
www.securityfocus.com/advisories/5111
www.securityfocus.com/bid/6720
exchange.xforce.ibmcloud.com/vulnerabilities/11196
github.com/advisories/GHSA-5hgm-qm5m-5vmw
nvd.nist.gov/vuln/detail/CVE-2003-0044
Related
tomcat
tomcat
Fixed in Apache Tomcat 3.3.2
2003-01-27 00:00:00
osv
osv
Jakarta Tomcat cross-site scripting (XSS) vulnerability
2022-04-29 01:25:44
tomcat - information exposure, cross site scripting
2003-01-29 00:00:00
cvelist
cvelist
CVE-2003-0044
2003-01-29 05:00:00
cve
cve
CVE-2003-0044
2003-02-07 05:00:00
nessus
nessus
Apache Tomcat 3.x < 3.3.2 Multiple Vulnerabilities
2010-11-09 00:00:00
Debian DSA-246-1 : tomcat - information exposure, XSS
2004-09-29 00:00:00
openvas
openvas
Debian Security Advisory DSA 246-1 (tomcat)
2008-01-17 00:00:00
Debian Security Advisory DSA 246-1 (tomcat)
2008-01-17 00:00:00
HP-UX Update for Tomcat HPSBUX00249
2009-05-05 00:00:00
debian
debian