CVE-2022-34305

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.
CVSS

No CVSS.

Configurations

No configuration.

History

23 Jun 2022, 17:15

Type Values Removed Values Added
Summary In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.
References
  • (MLIST) http://www.openwall.com/lists/oss-security/2022/06/23/1 -

23 Jun 2022, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-06-23 11:15

Updated : 2022-06-23 17:15


NVD link : CVE-2022-34305

Mitre link : CVE-2022-34305


JSON object : View

Products Affected

No product.

CWE

No CWE.