It exists that the Tomcat 8 SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. (CVE-2019-0221)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache tomcat |
||
apache tomcat 9.0.0 |
House of Larry delivers massive update for 93 products Updated your WordPress plugins lately? Here are 320,000 auth-bypassing reasons why you should
Oracle has released a sweeping set of security patches across the breadth of its software line. The January update, delivered one day after Microsoft, Intel, Adobe, and others dropped their scheduled monthly patches, addresses a total of 334 security vulnerabilities across 93 different products from the enterprise giant. As you may imagine, most IT admins will only need to test and apply a handful of the updates for their specific platforms. For Oracle's flagship Database Server, the update incl...