Lucene search
Veracode Vulnerability DatabaseVERACODE:7759HistoryNov 13, 2018 - 4:46 a.m.
Cross-site Scripting (XSS)
2018-11-1304:46:45
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
0.647 Medium
EPSS
Percentile
97.9%
tomahawk is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the lack of sanitization of the autoScroll parameter, allowing XSS attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tomahawk core | eq | 1.1.5 |
References
issues.apache.org/jira/secure/ReleaseNote.jspa?version=12312536&styleName=Text&projectId=12310272
labs.idefense.com/intelligence/vulnerabilities/display.php?id=544
osvdb.org/36377
secunia.com/advisories/25618
www.securityfocus.com/bid/24480
www.vupen.com/english/advisories/2007/2212
exchange.xforce.ibmcloud.com/vulnerabilities/34872
issues.apache.org/jira/browse/TOMAHAWK-1021
issues.apache.org/jira/secure/ReleaseNote.jspa?version=12312536&styleName=Text&projectId=12310272
Related
nessus
nessus
Apache MyFaces Tomahawk JSF Application autoscroll Multiple XSS
2007-06-19 00:00:00
nvd
nvd
CVE-2007-3101
2007-06-18 10:30:00
cve
cve
CVE-2007-3101
2007-06-18 10:30:00
securityvulns
securityvulns
prion
prion
Cross site scripting
2007-06-18 10:30:00
cvelist
cvelist
CVE-2007-3101
2007-06-18 10:00:00