VYPR
Moderate severityNVD Advisory· Published Jun 23, 2022· Updated Aug 3, 2024

XSS in examples web application

CVE-2022-34305

Description

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.tomcat:tomcatMaven
>= 10.1.0-M1, < 10.1.0-M1710.1.0-M17
org.apache.tomcat:tomcatMaven
>= 10.0.0-M1, < 10.0.2210.0.22
org.apache.tomcat:tomcatMaven
>= 9.0.30, < 9.0.659.0.65
org.apache.tomcat:tomcatMaven
>= 8.5.50, < 8.5.828.5.82

Affected products

3

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.