GHSA-g77g-vjjm-x83j
Suggest an improvement- Source
- https://github.com/advisories/GHSA-g77g-vjjm-x83j
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-g77g-vjjm-x83j/GHSA-g77g-vjjm-x83j.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-g77g-vjjm-x83j
- Aliases
-
- CVE-2007-4724
- Published
- 2022-05-01T18:26:30Z
- Modified
- 2023-11-08T03:56:48.430184Z
- Summary
- Apache Tomcat Example Application CSRF and XSS Vulnerabilities
- Details
-
Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters.
- Database specific
{ "nvd_published_at": "2007-09-05T19:17:00Z", "cwe_ids": [ "CWE-352" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-09-22T21:06:56Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2007-4724
- https://web.archive.org/web/20070911063436/http://securityreason.com/securityalert/3094
- https://web.archive.org/web/20081006123851/http://archives.neohapsis.com/archives/bugtraq/2007-09/0040.html
- https://web.archive.org/web/20200526022330/http://www.securityfocus.com/archive/1/478491/100/0/threaded
Affected packages
Maven / org.apache.tomcat:tomcat
Package
- Name
- org.apache.tomcat:tomcat
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.tomcat/tomcat