Description

Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Value field, related to error messages.

Remediation

References

CVE-2007-3384

Related Vulnerabilities

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-18210)

WordPress Plugin WassUp Real Time Analytics 'spy.php' SQL Injection (1.4.3)

WordPress Plugin WP Hardening-Fix Your WordPress Security Cross-Site Scripting (1.2.1)

WordPress Plugin Microblog Poster SQL Injection (1.6.0)

OpenSSL Observable Discrepancy Vulnerability (CVE-2022-4304)

Severity

Medium

Classification

CVE-2007-3384

Tags

Missing Update Known Vulnerabilities