The remote Apache Tomcat Server is vulnerable to cross script scripting and path disclosure issues. Description : The default installation of Tomcat includes various sample jsp pages and servlets. One of these, the 'TroubleShooter' servlet, discloses various information about the system on which Tomcat is installed. This servlet can also be used to perform cross-site scripting attacks against third party users.
Example files should not be left on production servers.
Updated on 2015-03-25
- Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
- 7Media Web Solutions EduTrac Directory Traversal Vulnerability
- An Image Gallery Directory Traversal Vulnerability
- Apache Open For Business HTML injection vulnerability
- Apache Tomcat source.jsp malformed request information disclosure