tomcat-users mailing list archives

From Mark Thomas <ma...@apache.org>
Subject CVE-2007-3386: XSS in Host Manager
Date Tue, 14 Aug 2007 03:28:50 GMT

CVE-2007-3386: XSS in Host Manager

Severity:
Low (Cross-site scripting)

Vendor:
The Apache Software Foundation

Versions Affected:
6.0.0 to 6.0.13
5.5.0 to 5.5.24

Description:
The Host Manager Servlet does not filter user supplied data before
display. This enables an XSS attack.

Mitigation:
Log out (close browser) of the Host Manager application once admin
tasks are complete
Upgrade to 6.0.14

Credit:
This issue was discovered by the NTT OSS CENTER who worked with the
JPCERT/CC to report the vulnerability.

Example:
<form action="http://localhost:8080/host-manager/html/add" method="get">
<input type="hidden" NAME='name' VALUE="aaa">
<input type="hidden" NAME='aliases' VALUE="<script>alert()</script>">
<input type="submit">
</form>

References:
http://tomcat.apache.org/security.html
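
The flaw above is output without encoding: the aliases value submitted to /host-manager/html/add is echoed into the page as-is. The following added example (not Tomcat's own code, constructed here for illustration) renders the advisory's sample values both the vulnerable way and the hardened way, and adds an allow-list check for alias values as defence in depth; the row layout, the alias regex and the function names are assumptions.

```python
import html
import re

# Constructed sample input mirroring the advisory's example form.
SAMPLE_NAME = "aaa"
SAMPLE_ALIASES = "<script>alert()</script>"

# Host aliases are DNS host names, so a conservative allow-list applies.
# Hypothetical policy for this example, not Tomcat's own validation.
_ALIAS_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252}[A-Za-z0-9])?$")


def render_row_unescaped(name, aliases):
    """Mimic the flaw: user-supplied values dropped straight into HTML."""
    return f"<tr><td>{name}</td><td>{aliases}</td></tr>"


def render_row_escaped(name, aliases):
    """Hardened rendering: HTML-encode every user-supplied value on output."""
    return f"<tr><td>{html.escape(name)}</td><td>{html.escape(aliases)}</td></tr>"


def valid_aliases(aliases):
    """Defence in depth: accept only a comma-separated list of host names."""
    parts = [p.strip() for p in aliases.split(",") if p.strip()]
    return bool(parts) and all(_ALIAS_RE.match(p) for p in parts)


def contains_script_markup(rendered):
    """Simple check used to show whether a rendered row still carries a script tag."""
    return "<script" in rendered.lower()


if __name__ == "__main__":
    print("vulnerable:", render_row_unescaped(SAMPLE_NAME, SAMPLE_ALIASES))
    print("hardened:  ", render_row_escaped(SAMPLE_NAME, SAMPLE_ALIASES))
    print("aliases accepted:", valid_aliases(SAMPLE_ALIASES))
```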




