Description

Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors.

Remediation

References

CVE-2007-1355

Related Vulnerabilities

Magento Incorrect Authorization Vulnerability (CVE-2021-28567)

WordPress Plugin Shortcoder-Create Shortcodes for Anything Security Bypass (6.3)

WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress Cross-Site Scripting (1.9.18)

WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Cross-Site Scripting (2.5.2.1)

Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-44790)

Severity

Medium

Classification

CVE-2007-1355

Tags

Missing Update Known Vulnerabilities