CVE-2007-3386 in Tomcatinfo

Zusammenfassung (Englisch)

Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservieren

25.06.2007

Veröffentlichung

14.08.2007

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
3256	Apache Tomcat Host Manager Servlet bis 6.0.14 aliases Cross-Site Scripting	79	High	Offizieller Fix	CVE-2007-3386

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

MITRE
NVD
CVE Details

◂ ZurückÜbersichtWeiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!