5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.1 Low
EPSS
Percentile
94.9%
Low: Cross-site scripting CVE-2008-1232
The message argument of HttpServletResponse.sendError() call is not only displayed on the error page, but is also used for the reason-phrase of HTTP response. This may include characters that are illegal in HTTP headers. It is possible for a specially crafted message to result in arbitrary content being injected into the HTTP response. For a successful XSS attack, unfiltered user supplied data must be included in the message argument.
This was fixed in revision 680947.
This was first reported to the Tomcat security team on 24 Jan 2008 and made public on 1 Aug 2008.
Affects: 5.5.0-5.5.26
Low: Cross-site scripting CVE-2008-1947
The Host Manager web application did not escape user provided data before including it in the output. This enabled a XSS attack. This application now filters the data before use. This issue may be mitigated by logging out (closing the browser) of the application once the management tasks have been completed.
This was fixed in revision 662583.
This was first reported to the Tomcat security team on 15 May 2008 and made public on 28 May 2008.
Affects: 5.5.9-5.5.26
Important: Information disclosure CVE-2008-2370
When using a RequestDispatcher the target path was normalised before the query string was removed. A request that included a specially crafted request parameter could be used to access content that would otherwise be protected by a security constraint or by locating it in under the WEB-INF directory.
This was fixed in revision 680949.
This was first reported to the Tomcat security team on 13 Jun 2008 and made public on 1 August 2008.
Affects: 5.5.0-5.5.26
CPE | Name | Operator | Version |
---|---|---|---|
apache tomcat | ge | 5.5.0 | |
apache tomcat | le | 5.5.26 | |
apache tomcat | ge | 5.5.9 |