Description

Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Value field, related to error messages.

Remediation

References

CVE-2007-3384

Related Vulnerabilities

WordPress Plugin BackWPup Security Bypass (3.4.1)

Apache Tomcat CVE-2020-0822 Vulnerability (CVE-2020-0822)

Apache Traffic Server Improper Input Validation Vulnerability (CVE-2019-10079)

AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2023-26117)

Roundcube Incorrect Resource Transfer Between Spheres Vulnerability (CVE-2026-35543)

Severity

Medium

Classification

CVE-2007-3384

Tags

Missing Update Known Vulnerabilities