Apache Tomcat 7.0.x < 7.0.6 Cross-Site Scripting Vulnerability

2011-02-1300:00:00

Tenable

www.tenable.com

JSON

Versions of Tomcat 7.0.x earlier than 7.0.6 are potentially affected by a cross-site scripting vulnerability because the HTML Manager interface display web application provided data, such as display names, without filtering.

Binary data 800596.prm

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013

tomcat.apache.org/security-7.html

JSON