Improper Neutralization of Input During Web Page Generation in Apache Tomcat

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

GHSA-3P86-XGRQ-M6P6 Improper Neutralization of Input During Web Page Generation in Apache Tomcat

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

RHEL 5 : tomcat5 (RHSA-2011:1845)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1845 advisory. - tomcat: file permission bypass flaw CVE-2010-3718 - tomcat: XSS vulnerability in HTML Manager interface CVE-2011-0013 - tomcat: Multiple...

tomcat: XSS vulnerability in HTML Manager interface

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

tomcat: XSS vulnerability in HTML Manager interface

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

tomcat: XSS vulnerability in HTML Manager interface

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

FreeBSD Ports: tomcat55

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Mandriva Update for tomcat5 MDVSA-2011:030 (tomcat5)

Check for the Version of tomcat5 OpenVAS Vulnerability Test Mandriva Update for tomcat5 MDVSA-2011:030 tomcat5 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

CVE-2011-0013

CVE-2011-0013 describes XSS in the HTML Manager Interface of Apache Tomcat: affected are Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the display-name tag. Mitigation is upgrading to the fix...

CVE-2011-0013

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

Apache Tomcat 7.0.0 < 7.0.6

The version of Tomcat installed on the remote host is prior to 7.0.6. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat7.0.6security-7 advisory. - Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.3...

Apache Tomcat 6.0.x < 6.0.30 Multiple Vulnerabilities

Binary data 800609.prm...

Fixed in Apache Tomcat 7.0.6

Low: Cross-site scripting CVE-2011-0013 The HTML Manager interface displayed web application provided data, such as display names, without filtering. A malicious web application could trigger script execution by an administrative user when viewing the manager pages. This was fixed in revision...