GHSA-36hp-4x3g-phrg
Suggest an improvement- Source
- https://github.com/advisories/GHSA-36hp-4x3g-phrg
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-36hp-4x3g-phrg/GHSA-36hp-4x3g-phrg.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-36hp-4x3g-phrg
- Aliases
-
- CVE-2007-3384
- Published
- 2022-05-01T18:13:15Z
- Modified
- 2023-11-08T03:56:48.125920Z
- Summary
- Apache Tomcat's CookieExample Vulnerable to XSS
- Details
-
Multiple cross-site scripting (XSS) vulnerabilities in
examples/servlet/CookieExamplein Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Value field, related to error messages. - Database specific
{ "nvd_published_at": "2007-08-08T01:17:00Z", "cwe_ids": [ "CWE-80" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-09-22T21:05:24Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2007-3384
- https://web.archive.org/web/20070824135030/http://securityreason.com/securityalert/2971
- https://web.archive.org/web/20071117100258/http://securitytracker.com/alerts/2007/Aug/1018503.html
- https://web.archive.org/web/20170323011513/http://www.securityfocus.com/bid/25174
- https://web.archive.org/web/20201207035111/http://www.securityfocus.com/archive/1/475321/100/0/threaded
- http://tomcat.apache.org/security-3.html
Affected packages
Maven / org.apache.tomcat:tomcat
Package
- Name
- org.apache.tomcat:tomcat
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.tomcat/tomcat