Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability

Summary
This host is running Apache Tomcat and is prone to Cross Site Scripting vulnerability.
Impact
Successful exploitation will allow remote attackers to inject arbitrary HTML codes in the context of the affected web application. Impact Level: Application
Solution
Update your cal2.jsp through SVN. Revision numbers are 750924 or 750928. http://tomcat.apache.org/security-6.html http://tomcat.apache.org/security-5.html http://tomcat.apache.org/security-4.html
Insight
The issue is due to input validation error in time parameter in 'jsp/cal/cal2.jsp' file in calendar application.
Affected
Apache Tomcat version 4.1.0 to 4.1.39, 5.5.0 to 5.5.27 and 6.0.0 to 6.0.18
References