Description

Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Value field, related to error messages.

Remediation

References

CVE-2007-3384

Related Vulnerabilities

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3180)

Oracle Database Server Improper Input Validation Vulnerability (CVE-2016-2381)

WordPress Plugin Easy Registration Forms CSV Injection (2.0.6)

WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Scripting (1.16.4)

WordPress Plugin Polylang Cross-Site Request Forgery (2.5)

Severity

Medium

Classification

CVE-2007-3384

Tags

Missing Update Known Vulnerabilities