logo

Advisories

Weaknesses

Fixes

Requirements

Compliance

CVE-2003-0044 org.apache.tomcat:tomcat

Package

Manager: maven
Name: org.apache.tomcat:tomcat
Vulnerable Version: >=3.0 <3.3.2

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.27285 pctl0.96222

Details

Jakarta Tomcat cross-site scripting (XSS) vulnerability Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.

Metadata

Created: 2022-04-29T01:25:44Z
Modified: 2023-09-18T22:43:30Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-5hgm-qm5m-5vmw/GHSA-5hgm-qm5m-5vmw.json
CWE IDs: ["CWE-79"]
Alternative ID: GHSA-5hgm-qm5m-5vmw
Finding: F008
Auto approve: 1