6.8
CVSSv2

CVE-2002-1567

CVSSv4: NA | CVSSv3: NA | CVSSv2: 6.8 | VMScore: 780 | EPSS: 0.01979 | KEV: Not Included
Published: 06/10/2003 Updated: 20/11/2024

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote malicious users to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script.

Vulnerable Product Search on Vulmon Subscribe to Product

apache tomcat 4.1.0

Exploits

source: wwwsecurityfocuscom/bid/5542/info Jakarta Tomcat is a Java Servlet and JSP server produced by the Apache Software Foundation Tomcat is available for Microsoft Windows, Linux, and other Unix based operating systems A cross site scripting vulnerability has been reported in some versions of Tomcat Reportedly, if a HTTP request is ...