BIT-tomcat-2022-34305
See a problem?- Import Source
- https://github.com/bitnami/vulndb/tree/main/data/tomcat/BIT-tomcat-2022-34305.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/BIT-tomcat-2022-34305
- Aliases
- Published
- 2024-03-06T11:09:17.789Z
- Modified
- 2026-03-20T10:02:23.785226Z
- Summary
- XSS in examples web application
- Details
-
In Apache Tomcat 10.1.0 to 10.1.0, 10.0.0 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.
- Database specific
{ "severity": "Medium", "cpes": [ "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone10:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone11:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone12:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone13:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone14:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone15:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone16:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone1:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone2:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone3:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone4:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone5:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone6:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone7:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone8:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:10.1.0:milestone9:*:*:*:*:*:*" ] }- References
Affected packages
Bitnami / tomcat
Package
- Name
- tomcat
- Purl
- pkg:bitnami/tomcat
Severity
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator