Apache Tomcat is a lightweight Web application server from the Apache Foundation. The application implements support for Servlet and JavaServer Page (JSP).A cross-site scripting vulnerability exists in Apache Tomcat, which stems from the fact that the form authentication example in the sample web application does not filter the data provided by the user. An attacker could exploit this vulnerability to execute JavaScript code on the client side.