Apache Tomcat
TOMCAT:3CF3641DC8DF18E0CDCD7444E992E18B
Sep 18, 2003 - 12:00 a.m.

Fixed in Apache Tomcat 4.1.29

tomcat.apache.org
CVSS2: 6.8 Medium (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

EPSS: 0.007 Low (Percentile: 80.6%)

Moderate: Cross-site scripting CVE-2002-1567

The unmodified requested URL is included in the 404 response header. The new lines in this URL appear to the client to be the end of the header section. The remaining part of the URL, including the script elements, is treated as part of the response body and the client executes the script. Tomcat now replaces potentially unsafe characters in the response headers with spaces.

Affects: 4.1.0-4.1.28
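
The fix described above, as an added example that is not Tomcat's own code: a header-value sanitizer that replaces control characters with spaces, compared against an unsanitized 404 response. The header name `X-Requested-URL`, the class and method names, the exact set of characters treated as unsafe, and the sample URL are assumptions made for illustration.

```java
public class HeaderValueSanitizer {

    /** Replaces CR, LF and other control characters with spaces (assumed unsafe set). */
    static String sanitize(String value) {
        StringBuilder out = new StringBuilder(value.length());
        for (char c : value.toCharArray()) {
            boolean unsafe = (c < 0x20 && c != '\t') || c == 0x7f;
            out.append(unsafe ? ' ' : c);
        }
        return out.toString();
    }

    /** Builds a 404 response that echoes the URL in a header (hypothetical header name). */
    static String build404(String echoedUrl) {
        String body = "Not Found";
        return "HTTP/1.1 404 Not Found\r\n"
             + "Content-Type: text/plain\r\n"
             + "X-Requested-URL: " + echoedUrl + "\r\n"
             + "\r\n"
             + body;
    }

    /** Returns what a client treats as the body: everything after the first blank line. */
    static String bodyAsSeenByClient(String response) {
        int end = response.indexOf("\r\n\r\n");
        return end < 0 ? "" : response.substring(end + 4);
    }

    public static void main(String[] args) {
        // Constructed input: a decoded URL carrying CRLF CRLF and a harmless marker.
        String url = "/missing\r\n\r\nINJECTED-BODY";

        // Without sanitizing, the header section ends inside the echoed URL,
        // so the rest of the URL becomes the start of the body.
        String before = bodyAsSeenByClient(build404(url));

        // With sanitizing, the URL stays on one header line and the body is
        // only what the server intended to send.
        String after = bodyAsSeenByClient(build404(sanitize(url)));

        System.out.println("unsanitized body starts with: " + before.split("\r\n")[0]);
        System.out.println("sanitized body:               " + after);
    }
}
```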

CPE Name         Operator    Version
apache tomcat    ge          4.1.0
apache tomcat    le          4.1.28
