Security Bulletin: A Security vulnerability in Apache Tomcat used by Rational Build Forge (CVE-2017-15706)

Summary There is a potential security vulnerability in the Apache Tomcat used by Rational Build Forge. Vulnerability Details CVEID: CVE-2017-15706 DESCRIPTION: Apache Tomcat could provide weaker than expected security, caused by the incorrect documentation of the CGI search algorithm used by the...

Apache Tomcat Incorrectly Documented CGI Search Algorithm (Jan 2018) - Linux

Apache Tomcat has an incorrectly documented CGI search algorithm. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat";...

Apache Tomcat Incorrectly Documented CGI Search Algorithm (Jan 2018) - Windows

Apache Tomcat has an incorrectly documented CGI search algorithm. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat";...

Incorrect Documentation

Apache Tomcat contains incorrect documentation. The library's default documentation's CGI search algorithm was incorrect, and could have caused the outcome of scripts to be incorrect when executed...

KLA11189 DoS vulnerability in Apache Tomcat

An incorrectly documented CGI search algorithm was found in Apache Tomcat. By exploiting this vulnerability malicious users can cause denial of service. Technical details Note that the behaviour of the CGI servlet has remained unchanged in this regard. It is only the documentation of the behaviou...

Fixed in Apache Tomcat 7.0.84

Low: Incorrectly documented CGI search algorithm CVE-2017-15706 Note: The issue below was fixed in Apache Tomcat 7.0.83 but the release vote for the 7.0.83 release candidate did not pass. Therefore, although users must download 7.0.84 to obtain a version that includes the fix for this issue,...

doras.dcu.ie XSS vulnerability

Open Bug Bounty ID: OBB-150339 Description| Value ---|--- Affected Website:| doras.dcu.ie Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Unfixed XSS vulnerability at www.searchwhateveraustralia.com.au

Security researcher Uber0n, has submitted on 22/11/2007 a cross-site-scripting XSS vulnerability affecting www.searchwhateveraustralia.com.au, which at the time of submission ranked 1236274 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on...