New Search

HP-UX Apache Running Tomcat Servlet Engine Remote Information Disclosure Authentication Bypass Cross-Site Scripting (XSS) Unauthorized Access Denial of Service (DoS)

oval:org.mitre.oval:def:14945

Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32 6.0 before 6.0.30 and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML as demonstrated via the display-name tag.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • HP-UX 11
Class:
vulnerability
Reference(s):
  • CVE-2011-0013
Product(s):