Low: Apache Tomcat XSS in examples web application CVE-2022-34305
The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.
This was fixed with commit d6251d1c.
This issue was reported to the Apache Tomcat Security team on 22 June 2022. The issue was made public on 23 June 2022.
Affects: 10.1.0-M1 to 10.1.0-M16
CPE | Name | Operator | Version |
---|---|---|---|
apache tomcat | ge | 10.1.0-M1 | |
apache tomcat | le | 10.1.0-M16 |