GoogleOSV:GHSA-5HGM-QM5M-5VMWJakarta Tomcat cross-site scripting (XSS) vulnerability
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.933 High
EPSS
Percentile
99.0%
Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
References
jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a
jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
secunia.com/advisories/7972
www.ciac.org/ciac/bulletins/n-060.shtml
www.debian.org/security/2003/dsa-246
www.osvdb.org/9203
www.osvdb.org/9204
www.securityfocus.com/advisories/5111
www.securityfocus.com/bid/6720
exchange.xforce.ibmcloud.com/vulnerabilities/11196
nvd.nist.gov/vuln/detail/CVE-2003-0044
Related
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.933 High
EPSS
Percentile
99.0%