The version of Apache Tomcat installed on the remote host is < 10.0.23. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_10.0.23_security-10 advisory. Note that Nessus Network Monitor has not tested for this issue but has instead relied only on the application's self-reported version number.
FreeBSD : Tomcat -- XSS in examples web application (e2e7faf9-1b51-11ed-ae46-002b67dfc673)
Apache Tomcat < 8.5.82 Vulnerability
Apache Tomcat < 10.1.0-M17 Vulnerability
Apache Tomcat < 9.0.65 Vulnerability
Nutanix AOS : (NXSA-AOS-184.108.40.206)
Cross-site Scripting (XSS)
Apache Tomcat CVE-2022-34305
Confluence Apache Tomcat CVE-2022-34305
Security Bulletin: The CVE-2022-34305 vulnerability in Apache Tomcat affects App Connect Professional.
Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities including remote code execution in Apache Log4j 1.x
Fixed in Apache Tomcat 9.0.65
Fixed in Apache Tomcat 10.0.23
Fixed in Apache Tomcat 10.1.0-M17
Fixed in Apache Tomcat 8.5.82
Cross-site Scripting in Apache Tomcat