Yugandher reddy vonteddu created TOMEE-4001:
-----------------------------------------------

             Summary: CVE-2022-34305 displaying user provided data without filtering, exposing a XSS vulnerability
                 Key: TOMEE-4001
                 URL: https://issues.apache.org/jira/browse/TOMEE-4001
             Project: TomEE
          Issue Type: Bug
    Affects Versions: 8.0.12
            Reporter: Yugandher reddy vonteddu


In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 
9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web 
application displayed user provided data without filtering, exposing a XSS 
vulnerability.

https://nvd.nist.gov/vuln/detail/CVE-2022-34305

 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
