Lucene search
Apache TomcatTOMCAT:97D3589F45C7020EA75365569675E385HistoryApr 25, 2007 - 12:00 a.m.
Fixed in Apache Tomcat 5.5.7, 5.0.SVN
2007-04-2500:00:00
Apache Tomcat
tomcat.apache.org
9
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.017 Low
EPSS
Percentile
87.7%
Low: Cross-site scripting CVE-2005-4838
Various JSPs included as part of the JSP examples and the Tomcat Manager are susceptible to a cross-site scripting attack as they do not escape user provided data before including it in the returned page.
Affects: 5.0.0-5.0.30, 5.5.0-5.5.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache tomcat | ge | 5.0.0 | |
| apache tomcat | le | 5.0.30 | |
| apache tomcat | ge | 5.5.0 | |
| apache tomcat | le | 5.5.6 |
Related
nessus
nessus
Apache Tomcat JSP2 Examples XSS
2010-07-13 00:00:00
Apache Tomcat 4.x < 4.1.32 Multiple Vulnerabilities
2010-06-16 00:00:00
RHEL 4 : Satellite Server (RHSA-2008:0630)
2010-01-10 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2020-04-10 00:32:54
ubuntucve
ubuntucve
CVE-2005-4838
2005-12-31 00:00:00
cve
cve
CVE-2005-4838
2005-12-31 05:00:00
tomcat
tomcat
Fixed in Apache Tomcat 4.1.32
2005-11-06 00:00:00
redhat
redhat
(RHSA-2008:0630) Low: Red Hat Network Satellite Server security update
2008-08-13 00:00:00
(RHSA-2008:0261) Moderate: Red Hat Network Satellite Server security update
2008-05-20 00:00:00
(RHSA-2008:0524) Low: Red Hat Network Satellite Server security update
2008-06-30 00:00:00
ibm
ibm
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.017 Low
EPSS
Percentile
87.7%
Related for TOMCAT:97D3589F45C7020EA75365569675E385