Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 02:19
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add. |
02 Feb 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2008-1947 Tomcat host manager xss - name field | |
References |
|
|
Information
Published : 2008-06-04 19:32
Updated : 2023-12-10 10:51
NVD link : CVE-2008-1947
Mitre link : CVE-2008-1947
CVE.ORG link : CVE-2008-1947
JSON object : View
Products Affected
apache
- tomcat
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')