Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Apache Tomcat Other Vulnerability (CVE-2007-1355)

Description

Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors.

Remediation

References

Related Vulnerabilities

Squid Out-of-bounds Write Vulnerability (CVE-2019-12527)

MySQL CVE-2019-2687 Vulnerability (CVE-2019-2687)

Magento Deserialization of Untrusted Data Vulnerability (CVE-2019-8141)

WordPress Plugin Social Count Plus Cross-Site Scripting (3.0.2)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8005)

Severity

Medium

Classification

CVE-2007-1355

Tags

Missing Update Known Vulnerabilities