CVE-2007-2450

NONECVSS 0.0

0.0

Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors.

🔗 References (84)

secalert@redhathttp://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
secalert@redhathttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
secalert@redhathttp://jvn.jp/jp/JVN%2307100457/index.html
secalert@redhathttp://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
secalert@redhathttp://secunia.com/advisories/25678
secalert@redhathttp://secunia.com/advisories/26076
secalert@redhathttp://secunia.com/advisories/27037
secalert@redhathttp://secunia.com/advisories/27727
secalert@redhathttp://secunia.com/advisories/28549
secalert@redhathttp://secunia.com/advisories/30802
secalert@redhathttp://secunia.com/advisories/30899
secalert@redhathttp://secunia.com/advisories/30908
secalert@redhathttp://secunia.com/advisories/33668
secalert@redhathttp://securityreason.com/securityalert/2813

Is Your Infrastructure Affected by CVE-2007-2450?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-2450

📅 Published

🔄 Last Modified

🔗 References (84)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-2450?