Lucene search
Tushar VartakEDB-ID:30563HistorySep 04, 2007 - 12:00 a.m.
Apache Tomcat 5.5.15 - cal2.jsp Cross-Site Scripting
2007-09-0400:00:00
Tushar Vartak
www.exploit-db.com
57
source: https://www.securityfocus.com/bid/25531/info
Apache Tomcat is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
This issue affects Apache Tomcat 4.1.31; other versions may also be affected.
http://www.example.com/examples/jsp/cal/cal2.jsp?time=8am%3cscript%3ealert("XSS!")%3c%2fscript%3e Related
veracode
veracode
Cross-Site Scripting (XSS)
2019-03-25 08:40:41
nessus
nessus
Apache Tomcat Sample App cal2.jsp 'time' Parameter XSS (CVE-2006-7196)
2007-09-24 00:00:00
Apache Tomcat 4.x < 4.1.32 Multiple Vulnerabilities
2010-06-16 00:00:00
openSUSE 10 Security Update : apache2-mod_jk (apache2-mod_jk-4992)
2008-02-29 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 5.5.16, 5.0.SVN
2006-03-15 00:00:00
Fixed in Apache Tomcat 4.1.32
2005-11-06 00:00:00
cve
cve
CVE-2006-7196
2007-05-10 00:19:00
cvelist
cvelist
CVE-2006-7196
2007-05-09 22:00:00
osv
osv
Cross-site scripting in Apache Tomcat
2022-05-01 07:45:38
ubuntucve
ubuntucve
CVE-2006-7196
2007-05-10 00:00:00
nvd
nvd
CVE-2006-7196
2007-05-10 00:19:00
github
github
Cross-site scripting in Apache Tomcat
2022-05-01 07:45:38
redhat
redhat
(RHSA-2007:0326) Important: tomcat security update
2007-05-21 00:00:00
(RHSA-2008:0261) Moderate: Red Hat Network Satellite Server security update
2008-05-20 00:00:00
(RHSA-2008:0524) Low: Red Hat Network Satellite Server security update
2008-06-30 00:00:00
securityvulns
securityvulns
openvas
openvas
Ubuntu USN-711-1 (ktorrent)
2009-02-02 00:00:00
Ubuntu USN-712-1 (vim)
2009-02-02 00:00:00
Ubuntu USN-710-1 (xine-lib)
2009-02-02 00:00:00