JVN#07100457 Apache Tomcat cross-site scripting vulnerability

Apache Tomcat, provided by the Apache Software Foundation, is an implementation of Java Servlets and JavaServer Pages technologies. Apache Tomcat Web Application Manager contains a cross-site scripting vulnerability. Impact When a user logs into Apache Tomcat Web Application Manager, an arbitrary...

CVE-2006-7196

Cross-site scripting (XSS) vulnerability in the calendar example (cal2.jsp) of Apache Tomcat affects 4.0.0–4.0.6, 4.1.0–4.1.31, 5.0.0–5.0.30, and 5.5.0–5.5.15. An attacker can inject arbitrary script via the time parameter to cal2.jsp (and possibly other vectors). This enables script execution in...