Computer Security
[EN] no-pyccku

Apache Tomcat crossite scripting
updated since 04.06.2008
SecurityVulns ID:9044
Threat Level:
Description:host-manager username crossite scripting.
Affected:APACHE : Tomcat 5.5
 APACHE : Tomcat 6.0
 CA : CA Service Desk 12.1
CVE:CVE-2008-1947 (Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.)
Original documentdocumentCA, CA20100222-01: Security Notice for CA Service Desk (25.02.2010)
 documentAPACHE, [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability (04.06.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod