Lines 1-3
Link Here
|
|
|
1 |
<vuln vid="e2e7faf9-1b51-11ed-ae46-002b67dfc673"> |
2 |
<topic>Tomcat -- XSS in examples web application</topic> |
3 |
<affects> |
4 |
<package> |
5 |
<name>tomcat</name> |
6 |
<range><ge>8.5.50</ge><lt>8.5.81</lt></range> |
7 |
<range><ge>9.0.30</ge><lt>9.0.64</lt></range> |
8 |
<range><ge>10.0.0-M1</ge><lt>10.0.22</lt></range> |
9 |
<range><ge>10.1.0-M1</ge><lt>10.1.0-M16</lt></range> |
10 |
</package> |
11 |
<package> |
12 |
<name>tomcat85</name> |
13 |
<range><ge>8.5.50</ge><lt>8.5.81</lt></range> |
14 |
</package> |
15 |
<package> |
16 |
<name>tomcat9</name> |
17 |
<range><ge>9.0.30</ge><lt>9.0.64</lt></range> |
18 |
</package> |
19 |
<package> |
20 |
<name>tomcat10</name> |
21 |
<range><ge>10.0.0-M1</ge><lt>10.0.22</lt></range> |
22 |
</package> |
23 |
<package> |
24 |
<name>tomcat-devel</name> |
25 |
<range><ge>10.1.0-M1</ge><lt>10.1.0-M16</lt></range> |
26 |
</package> |
27 |
</affects> |
28 |
<description> |
29 |
<body xmlns="http://www.w3.org/1999/xhtml"> |
30 |
<p>Apache Tomcat reports:</p> |
31 |
<blockquote cite="https://lists.apache.org/thread/k04zk0nq6w57m72w5gb0r6z9ryhmvr4k"> |
32 |
<p>The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.</p> |
33 |
</blockquote> |
34 |
</body> |
35 |
</description> |
36 |
<references> |
37 |
<cvename>CVE-2022-34305</cvename> |
38 |
<url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34305</url> |
39 |
</references> |
40 |
<dates> |
41 |
<discovery>2022-06-22</discovery> |
42 |
<entry>2022-08-13</entry> |
43 |
</dates> |
44 |
</vuln> |
45 |
|
1 |
<vuln vid="75c073cc-1a1d-11ed-bea0-48ee0c739857"> |
46 |
<vuln vid="75c073cc-1a1d-11ed-bea0-48ee0c739857"> |
2 |
<topic>XFCE tumbler -- Vulnerability in the GStreamer plugin</topic> |
47 |
<topic>XFCE tumbler -- Vulnerability in the GStreamer plugin</topic> |
3 |
<affects> |
48 |
<affects> |