Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2007/06/19 12:0 a.m.145 views

Apache MyFaces Tomahawk JSF Application autoscroll Multiple XSS

The remote web server uses an implementation of the Apache MyFaces Tomahawk JSF framework that fails to sanitize user-supplied input to the 'autoScroll' parameter before using it to generate dynamic content. An unauthenticated, remote attacker may be able to leverage this issue to inject arbitrar...

4.3CVSS5.8AI score0.44453EPSS
Exploits0References5
NVD
NVD
added 2007/06/18 10:30 a.m.17 views

CVE-2007-3101

Multiple cross-site scripting XSS vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client...

4.3CVSS5.8AI score0.44453EPSS
Exploits0References7
CVE
CVE
added 2007/06/18 10:0 a.m.53 views

CVE-2007-3101

CVE-2007-3101 corresponds to XSS in Apache MyFaces Tomahawk JSF framework prior to 1.1.6. The vulnerability arises from unsanitized autoscroll input that is injected into Javascript sent to clients, enabling remote script execution in the user’s browser. Remediation: upgrade to MyFaces Tomahawk 1...

4.3CVSS5.8AI score0.44453EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2007/06/15 12:0 a.m.62 views

iDefense Security Advisory 06.14.07: Apache MyFaces Tomahawk JSF Framework Cross-Site Scripting (XSS) Vulnerability

Apache MyFaces Tomahawk JSF Framework Cross-Site Scripting XSS Vulnerability iDefense Security Advisory 06.14.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 14, 2007 I. BACKGROUND Java Server Faces, JSF, is a framework used to create server side GUI Web applications. It is comparab...

4.3CVSS0.2AI score0.44453EPSS
Exploits0
Rows per page
Query Builder