Page 8 of 40 results (0.007 seconds)

CVSS: 4.3EPSS: 95%CPEs: 54EXPL: 1

Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors. NOTE: this may be related to CVE-2006-0254.1. Una vulnerabilidad de tipo Cross-Site Scripting (XSS) en el ejemplo de aplicación de calendario en Apache Tomcat versión 4.0.0 hasta 4.0.6, versión 4.1.0 hasta 4.1.31, versión 5.0.0 hasta 5.0.30 y versión 5.5.0 hasta 5.5.15 permite a atacantes remotos inyectar script web o HTML arbitrarias por medio del parámetro time hacia el archivo cal2.jsp y posiblemente otros vectores no especificados. NOTA: esto puede estar relacionado con CVE-2006-0254.1. • https://www.exploit-db.com/exploits/30563 http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html http://osvdb.org/34888 http://secunia.com/advisories/29242 http://secunia.com/advisories/33668 http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540 http://tomcat.apache.org/security-4.html http://tomcat.apache • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp. NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065598.html http://marc.info/?l=tomcat-dev&m=110476790331536&w=2 http://marc.info/?l=tomcat-dev&m=110477195116951&w=2 http://rhn.redhat.com/errata/RHSA-2008-0630.html http://secunia.com/advisories/13737 http://secunia.com/advisories/31493 http://securitytracker.com/id?1012793 http://tomcat.apache.org/security-4.html http://tomcat.apache.org/security-5.html http://www.oliverkarow.de/research/jakarta556_ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information. • http://tomcat.apache.org/security-4.html http://www.securityfocus.com/bid/28483 https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 2.6EPSS: 0%CPEs: 6EXPL: 0

The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages. • http://jvn.jp/jp/JVN%2379314822/index.html http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html http://secunia.com/advisories/17019 http://secunia.com/advisories/30802 http://secunia.com/advisories/30899 http://secunia.com/advisories/30908 http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1 http://support.apple.com/kb/HT2163 http://tomcat.apache.org/security-4.html http://www.hitachi-support.com/security_e/vuls_e/HS05-019_e/01& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 97%CPEs: 2EXPL: 1

Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling." • http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx http://docs.info.apple.com/article.html?artnum=306172 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html http://lists.vmware.com/pipermail/security-announce/2008/000003.html http://seclists.org/lists/bugtraq/2005/Jun/0025.html http://secuni •