GHSA-5hgm-qm5m-5vmw

Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-5hgm-qm5m-5vmw/GHSA-5hgm-qm5m-5vmw.json

Aliases

CVE-2003-0044

Published

2022-04-29T01:25:44Z

Modified

2023-09-18T22:43:30Z

Details

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.

References

https://nvd.nist.gov/vuln/detail/CVE-2003-0044
https://exchange.xforce.ibmcloud.com/vulnerabilities/11196
http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/
http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
http://secunia.com/advisories/7972
http://www.ciac.org/ciac/bulletins/n-060.shtml
http://www.debian.org/security/2003/dsa-246
http://www.osvdb.org/9203
http://www.osvdb.org/9204
http://www.securityfocus.com/advisories/5111
http://www.securityfocus.com/bid/6720

Affected packages

Maven / org.apache.tomcat:tomcat

Source Details

Package Name: org.apache.tomcat:tomcat

Affected ranges

Type: ECOSYSTEM
Events: Introduced

3.0

Fixed

3.3.2

Ecosystem specific

{
    "affected_functions": [
        ""
    ]
}

Database specific

{
    "last_known_affected_version_range": "<= 3.3.1a"
}