• The file hello.jsp is vulnerable to multiple XSS (cross-site scripting) vulnerabilities. This file is part of the Apache Tomcat documentation files which were installed during Tomcat installation.

• Remove Apache Tomcat documentation files from the server.

• • CVE-2007-1355: Tomcat documentation XSS vulnerabilities
  • Apache Tomcat Security

• 

• CVE-2007-1355

• CWE-79

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

• Test Files XSS

• WordPress Plugin FormCraft-Premium WordPress Form Builder Cross-Site Scripting (3.2.31)
• WordPress Plugin WooCommerce-Store Exporter Multiple Cross-Site Scripting Vulnerabilities (1.7.5)
• WordPress Plugin SlideDeck 2 Lite Responsive Content Slider Cross-Site Scripting (2.3.18)
• Drupal Core 5.x Cross-Site Scripting (5.0 - 5.2)
• WordPress Cross-Site Scripting Vulnerability (3.9 - 4.1.1)