exploitDog

CVE-2007-1358

Опубликовано: 06 июн. 2007

Источник: redhat

Описание

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-79

https://bugzilla.redhat.com/show_bug.cgi?id=244803tomcat accept-language xss flaw

Связанные уязвимости

CVE-2007-1358

ubuntu

около 18 лет назад

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".

CVE-2007-1358

nvd

около 18 лет назад

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".

CVE-2007-1358

debian

около 18 лет назад

Cross-site scripting (XSS) vulnerability in certain applications using ...

GHSA-xmc9-6p56-3c4v

github

около 3 лет назад

Apache Tomcat XSS In Accept-Language Headers

ELSA-2007-0327

oracle-oval

почти 18 лет назад

ELSA-2007-0327: Important: tomcat security update (IMPORTANT)