Computer Security
[EN] securityvulns.ru no-pyccku


Apache Tomcat crossite scripting
updated since 04.06.2008
Published:25.02.2010
Source:
SecurityVulns ID:9044
Type:remote
Threat Level:
5/10
Description:host-manager username crossite scripting.
Affected:APACHE : Tomcat 5.5
 APACHE : Tomcat 6.0
 CA : CA Service Desk 12.1
CVE:CVE-2008-1947 (Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.)
Original documentdocumentCA, CA20100222-01: Security Notice for CA Service Desk (25.02.2010)
 documentAPACHE, [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability (04.06.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod