FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

tomcat -- Tomcat Manager cross-site scripting

Affected packages
5.0.* <= jakarta-tomcat < 5.0.30_5
5.5.* <= jakarta-tomcat < 5.5.7

Details

VuXML ID 26a08c77-32da-4dd7-a884-a76fc49aa824
Discovery 2005-01-03
Entry 2005-06-01
Modified 2006-09-12

Oliver Karow discovered cross-site scripting issues in the Apache Jakarta Tomcat manager. The developers refer to the issues as minor.

References

Message http://www.mail-archive.com/tomcat-dev@jakarta.apache.org/msg66978.html
URL http://www.oliverkarow.de/research/jakarta556_xss.txt