Lucene search

K
tomcatApache TomcatTOMCAT:EF109962CD817D1B323F904D966A1DB0
HistoryFeb 01, 2011 - 12:00 a.m.

Fixed in Apache Tomcat 5.5.32

2011-02-0100:00:00
Apache Tomcat
tomcat.apache.org
12

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

45.2%

Low: Cross-site scripting CVE-2011-0013

The HTML Manager interface displayed web application provided data, such as display names, without filtering. A malicious web application could trigger script execution by an administrative user when viewing the manager pages.

This was fixed in revision 1057518.

This was identified by the Tomcat security team on 12 Nov 2010 and made public on 5 Feb 2011.

Affects: 5.5.0-5.5.31

CPENameOperatorVersion
apache tomcatge5.5.0
apache tomcatle5.5.31

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

45.2%

Related for TOMCAT:EF109962CD817D1B323F904D966A1DB0