Apache Tomcat 9.0.0.M1 - Cross-Site Scripting (XSS) Vulnerability

Exploit Title: Apache Tomcat 9.0.0.M1 - Cross-Site Scripting XSS Exploit Author: Central InfoSec Version: Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39, and 7.0.0 to 7.0.93 CVE : CVE-2019-0221 Requirements: SSI support must be enabled within Apache Tomcat. SSI support is not enabled by...

CVE-2018-8031

The Apache TomEE console tomee-webapp has a XSS vulnerability which could allow javascript to be executed if the user is given a malicious URL. This web application is typically used to add TomEE features to a Tomcat installation. The TomEE bundles do not ship with this application included. This...

CVE-2018-8031

The Apache TomEE console tomee-webapp has a XSS vulnerability which could allow javascript to be executed if the user is given a malicious URL. This web application is typically used to add TomEE features to a Tomcat installation. The TomEE bundles do not ship with this application included. This...

Security Bulletin: Rational Build Forge Security Advisory (CVE-2013-4286)

Summary IBM Rational Build Forge is shipped with an Apache Tomcat. Apache Tomcat has released a patch that contains security vulnerability fixes and BuildForge is affected. These fixes have been added to the Rational Build Forge 7.1.3.5 iFix2 and 8.0.0.2 release. Vulnerability Details | Subscribe...