GHSA-58hj-575g-5j25
Suggest an improvement- Source
- https://github.com/advisories/GHSA-58hj-575g-5j25
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-58hj-575g-5j25/GHSA-58hj-575g-5j25.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-58hj-575g-5j25
- Aliases
-
- CVE-2001-0829
- Published
- 2022-04-30T18:16:47Z
- Modified
- 2023-11-08T03:56:44.769205Z
- Summary
- Apache Tomcat allows webmasters to insert xss into error messages
- Details
-
A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.
- Database specific
{ "github_reviewed": true, "cwe_ids": [ "CWE-80" ], "github_reviewed_at": "2023-09-18T22:35:47Z", "nvd_published_at": "2001-12-06T05:00:00Z", "severity": "MODERATE" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2001-0829
- https://web.archive.org/web/20021108153830/http://online.securityfocus.com/bid/2982
- https://web.archive.org/web/20021201182720/http://jakarta.apache.org/tomcat/tomcat-3.2-doc/readme
- https://web.archive.org/web/20061208015126/http://archive.cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00021.html
Affected packages
Maven / org.apache.tomcat:tomcat
Package
- Name
- org.apache.tomcat:tomcat
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.tomcat/tomcat