Apache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Page (JSP) technologies.
Apache Tomcat contains a cross-site scripting vulnerability. It occurs when the value of the Accept-Language header sent from a client is non-standard.
The developer has confirmed that this vulnerability occurs when an outdated version of Flash is used.
An arbitrary script may be executed on the user's web browser.
Update the software
Apply the latest updates provided by the developer.
For more information, refer to the developer's website.
## Products Affected