资产安全
商业安全
安全服务
返回- 漏洞ID:1115813
- 漏洞类型:跨站脚本
- 发布日期:2008-08-01
- 更新时间:2015-04-13
- CVE编号: CVE-2008-1232
- CNNVD-ID:CNNVD-200808-023
- 漏洞平台:Multiple
- CVSS评分:4.3
<a href="https://www.exploit-db.com/exploits/32138" target="_blank">https://www.exploit-db.com/exploits/32138</a><br/> <a href="https://www.securityfocus.com/bid/30496" target="_blank">https://www.securityfocus.com/bid/30496</a><br/> <a href="https://cxsecurity.com/issue/WLB-2008080106" target="_blank">https://cxsecurity.com/issue/WLB-2008080106</a><br/> <a href="http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200808-023" target="_blank">http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200808-023</a><br/>
ApacheTomcat是一个流行的开放源码的JSP应用服务器程序。ApacheTomcat4.1.0到4.1.37,,5.5.0到5.5.26,6.0.0到6.0.16版本存在跨站脚本(XSS)漏洞。远程攻击者可通过构造特殊的HttpServletResponse.sendError()函数调用的message参数,注入任意Web脚本及HTML。
来源:BID
名称:30496
链接:http://www.securityfocus.com/bid/30496
来源:FEDORA
名称:FEDORA-2008-8130
链接:https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html
来源:FEDORA
名称:FEDORA-2008-8113
链接:https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html
来源:FEDORA
名称:FEDORA-2008-7977
链接:https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html
来源:support.ca.com
链接:https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214095
来源:support.ca.com
链接:https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209500
来源:XF
名称:tomcat-httpservletresponse-xss(44155)
链接:http://xforce.iss.net/xforce/xfdb/44155
来源:VUPEN
名称:ADV-2009-2194
链接:http://www.vupen.com/english/advisories/2009/2194
来源:VUPEN
名称:ADV-2009-1609
链接:http://www.vupen.com/english/advisories/2009/1609
来源:VUPEN
名称:ADV-2009-0503
链接:http://www.vupen.com/english/advisories/2009/0503
来源:CONFIRM
名称:http://www.vmware.com/security/advisories/VMSA-2009-00
微信扫码关注公众号
