2 matches found
CVE-2018-8031
The Apache TomEE console tomee-webapp has a XSS vulnerability which could allow javascript to be executed if the user is given a malicious URL. This web application is typically used to add TomEE features to a Tomcat installation. The TomEE bundles do not ship with this application included. This...
CVE-2018-8031
CVE-2018-8031 describes a Cross-site Scripting (XSS) vulnerability in the Apache TomEE console (tomee-webapp). The issue could allow arbitrary JavaScript execution when a user visits a malicious URL. TomEE bundles without this application or after setup, the UI can be removed to mitigate exposure...