Apache Tomcat is vulnerable to Cross-site scripting. An attacker is able to inject arbitrary Javascript into a user’s browser by sending a malicious code via a request for a .JSP
file, which will be executed on the victim’s browser when the error message is rendered.
CPE | Name | Operator | Version |
---|---|---|---|
tomcat-util | eq | 3.2.1 |