Описание
The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| tomcat9 | fixed | 9.0.16-4 | package | |
| tomcat8 | removed | package | ||
| tomcat7 | removed | package | ||
| tomcat7 | ignored | stretch | package |
Примечания
affects debug channel, unlikely to be present in production websites:
https://mail-archives.apache.org/mod_mbox/www-announce/201905.mbox/%3Cb1905aa6-f340-8d0b-58c4-8ac3ebcbfa54@apache.org%3E
https://github.com/apache/tomcat/commit/15fcd16 (9.0.19)
https://github.com/apache/tomcat/commit/4fcdf70 (8.5.39)
https://github.com/apache/tomcat/commit/44ec74c (7.0.93)
EPSS
Связанные уязвимости
The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.
The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.
The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.
Уязвимость команды printenv сервера приложений Apache Tomcat, позволяющая нарушителю осуществить межсайтовую сценарную атаку
EPSS