ID CVE-2002-0682
Summary Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.
References
Vulnerable Configurations
  • Apache Software Foundation Tomcat 4.0.3
    cpe:2.3:a:apache:tomcat:4.0.3
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
description Apache Tomcat 4.0.3 Servlet Mapping Cross Site Scripting Vulnerability. CVE-2002-0682. Remote exploit for linux platform
id EDB-ID:21604
last seen 2016-02-02
modified 2002-07-10
published 2002-07-10
reporter Matt Moore
source https://www.exploit-db.com/download/21604/
title Apache Tomcat 4.0.3 - Servlet Mapping Cross-Site Scripting Vulnerability
nessus via4
NASL family CGI abuses : XSS
NASL id APACHE_TOMCAT_SERVLET_XSS.NASL
description Apache Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. By using the /servlet/ mapping to invoke various servlets / classes it is possible to cause Tomcat to throw an exception, allowing XSS attacks.
last seen 2019-02-21
modified 2018-11-15
plugin id 11041
published 2002-07-10
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=11041
title Apache Tomcat /servlet Mapping XSS
refmap via4
bid 5193
bugtraq 20020710 wp-02-0008: Apache Tomcat Cross Site Scripting
osvdb 4973
vulnwatch 20020710 [VulnWatch] wp-02-0008: Apache Tomcat Cross Site Scripting
xf tomcat-servlet-xss(9520)
Last major update 17-10-2016 - 22:21
Published 23-07-2002 - 00:00
Last modified 21-03-2019 - 11:33
Back to Top