Low: Apache Tomcat XSS in examples web application CVE-2022-34305
The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.
This was fixed with commit 8b60af90.
This issue was reported to the Apache Tomcat Security team on 22 June 2022. The issue was made public on 23 June 2022.
Affects: 9.0.30 to 9.0.64
CPE | Name | Operator | Version |
---|---|---|---|
apache tomcat | ge | 9.0.30 | |
apache tomcat | le | 9.0.64 |