aboutsummaryrefslogtreecommitdiffstats
path: root/security/vuxml
diff options
context:
space:
mode:
authornectar <nectar@FreeBSD.org>2005-06-01 22:48:38 +0800
committernectar <nectar@FreeBSD.org>2005-06-01 22:48:38 +0800
commit7f307daa004071f9409dbe0f8da48d0683d87f7f (patch)
tree70cdf37b017f352612c6df5a50d0f03d95989c08 /security/vuxml
parent1c83ce0ba6b0bbcc01677eaed0cd79a464496000 (diff)
downloadfreebsd-ports-gnome-7f307daa004071f9409dbe0f8da48d0683d87f7f.tar.gz
freebsd-ports-gnome-7f307daa004071f9409dbe0f8da48d0683d87f7f.tar.zst
freebsd-ports-gnome-7f307daa004071f9409dbe0f8da48d0683d87f7f.zip
document Apache Jakarta Tomcat 5.x XSS issue
Diffstat (limited to 'security/vuxml')
-rw-r--r--security/vuxml/vuln.xml25
1 files changed, 25 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index febf67cfbf9f..5f08cb60ad9a 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -32,6 +32,31 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="26a08c77-32da-4dd7-a884-a76fc49aa824">
+ <topic>tomcat -- Tomcat Manager cross-site scripting</topic>
+ <affects>
+ <package>
+ <name>jakarta-tomcat</name>
+ <range><ge>5.*</ge><lt>5.5.7</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Oliver Karow discovered cross-site scripting issues in
+ the Apache Jakarta Tomcat manager. The developers refer to
+ the issues as <q>minor</q>.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://www.oliverkarow.de/research/jakarta556_xss.txt</url>
+ <mlist>http://www.mail-archive.com/tomcat-dev@jakarta.apache.org/msg66978.html</mlist>
+ </references>
+ <dates>
+ <discovery>2005-01-03</discovery>
+ <entry>2005-06-01</entry>
+ </dates>
+ </vuln>
+
<vuln vid="84479a62-ca5f-11d9-b772-000c29b00e99">
<topic>fswiki - XSS problem in file upload form</topic>
<affects>
generated by cgit (git 2.34.1) at 2025-03-04 11:05:17 +0800