Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
13 Feb 2023, 01:18
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag. |
02 Feb 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | CVE-2011-0013 tomcat: XSS vulnerability in HTML Manager interface |
Information
Published : 2011-02-19 01:00
Updated : 2023-12-10 11:03
NVD link : CVE-2011-0013
Mitre link : CVE-2011-0013
CVE.ORG link : CVE-2011-0013
JSON object : View
Products Affected
apache
- tomcat
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')