CVE-2022-34305

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-34305
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-34305.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-34305
Aliases
Downstream
Related
Published
2022-06-23T11:15:07Z
Modified
2025-08-09T20:01:25Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.

References

Affected packages

Git / github.com/apache/tomcat

Affected ranges

Type
GIT
Repo
https://github.com/apache/tomcat
Events
Last affected
02c4004b52be88a04a7372577d56da0f9ed3a7fe
Last affected
02d546ba3c553c74ff1a99ecc166a6ff9c501ba8
Last affected
02e84c839def0228475fad85d0b19abc2f70b03f
Last affected
049799677ba307378a256621bb1a7b03f597571c
Last affected
0e59fedb28df646930c5aff945159b64d7a52260
Last affected
0f3f1e439a040068b741d77777766722e4420ad6
Introduced
4fab4cc012d0c31852e957d198cb0549f3d6074c
Last affected
1419d61f200be876baddb0997919fb82c230a857
Last affected
2a10c8d9110d7b1c7f526f3352648c6b19ba2c52
Introduced
c40ede65ea4fb44b1957ec482f28c7afa71f1b50
Last affected
2f283f89f49be662efa45af2c6a876d897159ddf
Last affected
51d1031c36c0f2b3ee1e0d14b56228a559144153
Last affected
8778a44d6323c1066237043a89ab2f36696916b1
Introduced
4c8b650437e2464c1c31c6598a263b3805b7a81f
Last affected
babca1854c6f7068069d501e7f6b9cca13943056
Last affected
cd53876fefaa370c31466b0f615e9ad026541a27
Last affected
d08498a3cefa7206bad791acf019455794f865ea
Last affected
dc3639dd7123301ced18dbf4ddf2dca93704870d
Last affected
dcf3e81b2e709574971c7a9592614d70c1b55bf7
Last affected
e706972942e2c342e4a37baf5e2596f11e8a0e94
Last affected
f2ab9ac8bc3f40ee9b2cb50b030c99df927f0429
Last affected
faa2582152d9dcbcb444700df340e10a85fc375f