CVE-2001-0829
Apache Tomcat 3.x is affected by a cross-site scripting vulnerability (CVE-2001-0829) in which a malicious user can craft a request for a JSP file so that the default error page echoes the user-supplied input without proper escaping. The root cause is the error page displaying unvalidated URLs, a...