12 matches found
SUSE CVE-2007-3383
Cross-site scripting XSS vulnerability in SendMailServlet in the examples web application examples/jsp/mail/sendmail.jsp in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, relat...
Apache Tomcat SendMailServlet XSS
Cross-site scripting XSS vulnerability in SendMailServlet in the examples web application examples/jsp/mail/sendmail.jsp in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, relat...
GHSA-WJWR-3JCH-479J Apache Tomcat SendMailServlet XSS
Cross-site scripting XSS vulnerability in SendMailServlet in the examples web application examples/jsp/mail/sendmail.jsp in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, relat...
Cross-site Scripting (XSS)
Apache Tomcat is vulnerable to cross-site scripting XSS. The vulnerabiilty is possible because there is no proper sanitization of input to the From field in SendMailServlet examples/jsp/mail/sendmail.jsp, allowing an attacker to inject arbitrary script through it...
Tomcat4 SendMailServlet sendmail.jsp存在XSS跨站漏洞
No description provided by source...
Apache Tomcat SendMailServlet sendmail.jsp 'mailfrom' Parameter XSS
The remote web server includes an example JSP application that fails to sanitize user-supplied input before using it to generate dynamic content in the 'examples/SendMailServlet' servlet. An unauthenticated remote attacker can exploit this issue to inject arbitrary HTML or script code into a user...
CVE-2007-3383
Cross-site scripting XSS vulnerability in SendMailServlet in the examples web application examples/jsp/mail/sendmail.jsp in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, relat...
Cross site scripting
Cross-site scripting XSS vulnerability in SendMailServlet in the examples web application examples/jsp/mail/sendmail.jsp in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, relat...
CVE-2007-3383
Cross-site scripting XSS vulnerability in SendMailServlet in the examples web application examples/jsp/mail/sendmail.jsp in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, relat...
CVE-2007-3383
CVE-2007-3383 is an XSS flaw in Apache Tomcat’s SendMailServlet (examples/jsp/mail/sendmail.jsp) affecting Tomcat 4.0.0–4.0.6 and 4.1.0–4.1.36. The vulnerability allows remote attackers to inject arbitrary script/HTML via the From field (and possibly other fields) during error-message generation....
CVE-2007-3383: XSS in Tomcat send mail example
CVE-2007-3383: XSS in Tomcat send mail example Severity: Low Cross-site scripting Vendor: The Apache Software Foundation Versions Affected: 4.0.0 to 4.0.6 4.1.0 to 4.1.36 Description: When reporting error messages, the SendMailServlet does not filter user supplied data before display. This enable...
Apache Tomcat SendMailServlet example vulnerable to cross-site scripting via FROM field
Overview The example SendMailServlet page that comes with Apache Tomcat is vulnerable to cross-site scripting via the "From" field. Description Apache Tomcat is an implementation of the Java Servlet and JavaServer Page JSP technologies. Apache Tomcat includes a sample page called SendMailServlet,...