what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 1 of 1 RSS Feed


Apache Tomcat Cross Site Scripting
Posted Mar 6, 2009
Authored by Deniz Cevik | Site tomcat.apache.org

The calendar application for Apache Tomcat contains invalid HTML which renders the cross site scripting protection for the time parameter ineffective. An attacker can therefore perform an cross site scripting attack using the time attribute. Version affected include Tomcat 6.0.0 to 6.0.18, Tomcat 5.5.0 to 5.5.27, and Tomcat 4.1.0 to 4.1.39.

tags | exploit, xss
advisories | CVE-2009-0781
SHA-256 | 2fd4d18e046935391c0b4eb23d19aed3bf6cd14d57e11ae2522468cf694b91a4
Page 1 of 1

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By