3 matches found
CVE-2007-3384
Multiple cross-site scripting XSS vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the 1 Name or 2 Value field, related to error messages...
CVE-2007-3384
Apache Tomcat 3.3.x is affected by CVE-2007-3384: multiple XSS vulnerabilities in the examples/servlet/CookieExample allow remote attackers to inject arbitrary script/HTML via the Name or Value fields, related to error messages, in Tomcat 3.3 through 3.3.2. Exploitation details are described acro...
Apache Tomcat错误消息报告跨站脚本漏洞
CVE ID:CVE-2007-3384 CNCVE ID:CNCVE-20073384 Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。 Apache Tomcat不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行跨站脚本攻击,获得敏感信息。 当报告错误消息时,在显示前Tomcat没有正确过滤用户提供的数据,可导致跨站脚本攻击,攻击者诱使用户访问可导致获得敏感信息。 Apache Software Foundation Tomcat 3.3.2 Apache Software Foundation Tomcat 3.3.1 a Apache Softwar...