Apache.Tomcat.Host.Manager.Name.XSS
Description
This indicates an attempt to exploit an XSS vulnerability in the Apache Tomcat host-manager web application.
The vulnerability is a result of the application's failure to check user input before being returned to the user. As a result, a remote attacker can send a crafted request to execute arbitrary Javascript code on the vulnerable system.
Affected Products
Apache Tomcat version 5.5.9 through 5.5.26.
Apache Tomcat version 6.0.0 through 6.0.16.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to latest version.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |