VYPR

Myfaces Tomahawk

by Apache

CVEs (1)

  • CVE-2007-3101Jun 18, 2007
    risk 0.07cvss epss 0.44

    Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client.