Vulnerability in N/a
CVE-2006-7196
Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script…
EPSS: 0.799 (99.1th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- tomcat.apache.org/security-4.html (x_refsource_CONFIRM)
- 34888 (x_refsource_OSVDB, vdb-entry)
- 29242 (x_refsource_SECUNIA, third-party-advisory)
- 20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1) (mailing-list, x_refsource_BUGTRAQ)
- SUSE-SR:2008:005 (vendor-advisory, x_refsource_SUSE)
- 33668 (x_refsource_SECUNIA, third-party-advisory)
- 20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (mailing-list, x_refsource_BUGTRAQ)
- 25531 (vdb-entry, x_refsource_BID)
- ADV-2007-1729 (vdb-entry, x_refsource_VUPEN)
- ADV-2009-0233 (vdb-entry, x_refsource_VUPEN)