exploitDog

CVE-2007-3386

Опубликовано: 14 авг. 2007

Источник: redhat

EPSS Средний

Описание

Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-79

https://bugzilla.redhat.com/show_bug.cgi?id=247994tomcat host manager xss

EPSS

Процентиль: 97%

0.46127

Средний

Связанные уязвимости

CVE-2007-3386

ubuntu

почти 18 лет назад

Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.

CVE-2007-3386

nvd

почти 18 лет назад

Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.

CVE-2007-3386

debian

почти 18 лет назад

Cross-site scripting (XSS) vulnerability in the Host Manager Servlet f ...

GHSA-v66v-63h2-8q5q

github

около 3 лет назад

Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.

ELSA-2007-0871

oracle-oval

больше 17 лет назад

ELSA-2007-0871: Moderate: tomcat security update (MODERATE)

EPSS

Процентиль: 97%

0.46127

Средний