Low severity · NVD Advisory · Published Jun 14, 2007 · Updated Apr 23, 2026
CVE-2007-2450
Description
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.apache.tomcat:tomcat (Maven) | >= 4.0.0, <= 4.0.6 | — |
| org.apache.tomcat:tomcat (Maven) | >= 4.1.0, < 4.1.37 | 4.1.37 |
| org.apache.tomcat:tomcat (Maven) | >= 5.0.0, <= 5.0.30 | — |
| org.apache.tomcat:tomcat (Maven) | >= 5.5.0, < 5.5.25 | 5.5.25 |
| org.apache.tomcat:tomcat (Maven) | >= 6.0.0, < 6.0.14 | 6.0.14 |
Patches
1bc3bcb2848f: Fix XSS issue in Manager and Host Manager. This is CVE-2007-2450.
2 files changed · +12 −4
java/org/apache/catalina/manager/host/HTMLHostManagerServlet.java+6 −1 modified@@ -32,6 +32,7 @@ import org.apache.catalina.Container; import org.apache.catalina.Host; +import org.apache.catalina.util.RequestUtil; import org.apache.catalina.util.ServerInfo; /** @@ -195,7 +196,11 @@ public void list(HttpServletRequest request, // Message Section args = new Object[3]; args[0] = sm.getString("htmlHostManagerServlet.messageLabel"); - args[1] = (message == null || message.length() == 0) ? "OK" : message; + if (message == null || message.length() == 0) { + args[1] = "OK"; + } else { + args[1] = RequestUtil.filter(message); + } writer.print(MessageFormat.format(Constants.MESSAGE_SECTION, args)); // Manager Section
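Review bot: the escaping added in the list() hunk covers only args[1]; args[2] is assigned outside the visible context and is formatted into Constants.MESSAGE_SECTION by the same MessageFormat call, so this hunk alone does not show that it is safe. Please confirm args[2] is a constant or is also passed through RequestUtil.filter, and that list() is the only place `message` reaches the HTML output. Escaping once at the render point with `RequestUtil.filter(message)` is the right pattern; since the new import shows this servlet applied no filtering before, every other request-derived value written elsewhere in list() should get the same treatment in the same change.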
java/org/apache/catalina/manager/HTMLManagerServlet.java+6 −3 modified@@ -130,8 +130,7 @@ public void doGet(HttpServletRequest request, message = stop(path); } else { message = - sm.getString("managerServlet.unknownCommand", - RequestUtil.filter(command)); + sm.getString("managerServlet.unknownCommand", command); } list(request, response, message); @@ -305,7 +304,11 @@ public void list(HttpServletRequest request, // Message Section args = new Object[3]; args[0] = sm.getString("htmlManagerServlet.messageLabel"); - args[1] = (message == null || message.length() == 0) ? "OK" : message; + if (message == null || message.length() == 0) { + args[1] = "OK"; + } else { + args[1] = RequestUtil.filter(message); + } writer.print(MessageFormat.format(Constants.MESSAGE_SECTION, args)); // Manager Section
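Review bot: dropping `RequestUtil.filter(command)` from the unknownCommand message in the doGet hunk is only safe because list() now escapes `message` once at output, so this hunk and the list() hunk must land together or the unknown-command path regresses. Centralizing the escaping also means any code path that builds `message` with intentional markup will now have it escaped rather than rendered; please confirm no such path exists (the `message = stop(path)` branch in the context now flows through the same single escaping point, which is consistent). A one-line comment on the `message =` assignment noting that escaping happens in list() would keep a later change from re-adding the filter and double-encoding.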
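Review bot: in the list() hunk, as in HTMLHostManagerServlet, only args[1] is filtered while args[2] is set outside the shown context; please confirm it is a constant or is escaped before the MessageFormat.format call. Style point: the ternary was expanded into an if/else just to add the filter call; `args[1] = (message == null || message.length() == 0) ? "OK" : RequestUtil.filter(message);` keeps the original shape and the same behaviour, if the shorter form is preferred.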
References
- tomcat.apache.org/security-4.html (NVD; Patch, Vendor Advisory)
- tomcat.apache.org/security-5.html (NVD; Patch, Vendor Advisory)
- tomcat.apache.org/security-6.html (NVD; Patch, Vendor Advisory)
- secunia.com/advisories/25678 (NVD; Vendor Advisory)
- secunia.com/advisories/26076 (NVD; Vendor Advisory)
- secunia.com/advisories/27037 (NVD; Vendor Advisory)
- secunia.com/advisories/27727 (NVD; Vendor Advisory)
- secunia.com/advisories/28549 (NVD; Vendor Advisory)
- secunia.com/advisories/30802 (NVD; Vendor Advisory)
- secunia.com/advisories/30899 (NVD; Vendor Advisory)
- secunia.com/advisories/30908 (NVD; Vendor Advisory)
- secunia.com/advisories/33668 (NVD; Vendor Advisory)
- github.com/advisories/GHSA-5c5p-jxvx-x7j2 (GHSA; Advisory)
- nvd.nist.gov/vuln/detail/CVE-2007-2450 (GHSA; Advisory)
- community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx (NVD)
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp (NVD)
- jvn.jp/jp/JVN%2307100457/index.html (NVD)
- lists.apple.com/archives/security-announce/2008//Jun/msg00002.html (NVD)
- lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html (NVD)
- sunsolve.sun.com/search/document.do (NVD)
- support.apple.com/kb/HT2163 (NVD)
- support.ca.com/irj/portal/anonymous/phpsupcontent (NVD)
- www.debian.org/security/2008/dsa-1468 (NVD)
- www.mandriva.com/security/advisories (NVD)
- www.redhat.com/support/errata/RHSA-2007-0569.html (NVD)
- www.redhat.com/support/errata/RHSA-2008-0261.html (NVD)
- exchange.xforce.ibmcloud.com/vulnerabilities/34868 (NVD)
- github.com/apache/tomcat/commit/1bc3bcb2848f478fd6674487d6dad507fd5dd686 (GHSA)
- lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E (GHSA)
- lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E (GHSA)
- lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E (GHSA)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11287 (NVD)
- web.archive.org/web/20071203205513/http://secunia.com/advisories/25678 (GHSA)
- web.archive.org/web/20080212014926/http://secunia.com/advisories/26076 (GHSA)
- web.archive.org/web/20080320042501/http://secunia.com/advisories/27727 (GHSA)
- web.archive.org/web/20080324012730/http://secunia.com/advisories/28549 (GHSA)
- web.archive.org/web/20080413164556/http://securitytracker.com/alerts/2007/Jun/1018245.html (GHSA)
- web.archive.org/web/20080724125033/http://secunia.com/advisories/27037 (GHSA)
- web.archive.org/web/20080801204240/http://secunia.com/advisories/30899 (GHSA)
- web.archive.org/web/20080801210056/http://secunia.com/advisories/30802 (GHSA)
- web.archive.org/web/20090623202429/http://secunia.com/advisories/33668 (GHSA)
- web.archive.org/web/20120809122231/http://secunia.com/advisories/30908 (GHSA)
- web.archive.org/web/20200229180652/http://www.securityfocus.com/bid/24475 (GHSA)
- web.archive.org/web/20200517122628/http://www.securityfocus.com/archive/1/500396/100/0/threaded (GHSA)
- web.archive.org/web/20200517153851/http://www.securityfocus.com/archive/1/500412/100/0/threaded (GHSA)
- web.archive.org/web/20200809062244/http://www.securityfocus.com/archive/1/471357/100/0/threaded (GHSA)
- web.archive.org/web/20201207215920/https://cxsecurity.com/issue/WLB-2007060074 (GHSA)
- www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html (NVD)
- securityreason.com/securityalert/2813 (NVD)
- www.osvdb.org/36079 (NVD)
- www.securityfocus.com/archive/1/471357/100/0/threaded (NVD)
- www.securityfocus.com/archive/1/500396/100/0/threaded (NVD)
- www.securityfocus.com/archive/1/500412/100/0/threaded (NVD)
- www.securityfocus.com/bid/24475 (NVD)
- www.securitytracker.com/id (NVD)
- www.vupen.com/english/advisories/2007/2213 (NVD)
- www.vupen.com/english/advisories/2007/3386 (NVD)
- www.vupen.com/english/advisories/2008/1979/references (NVD)
- www.vupen.com/english/advisories/2008/1981/references (NVD)
- www.vupen.com/english/advisories/2009/0233 (NVD)
- lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E (NVD)
- lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E (NVD)
- lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E (NVD)