Our latest PCI scan using the Saint scanner shows the following:
404 Error Page Cross Site Scripting Vulnerability
12/21/09
Apache Tomcat is prone to a cross-site scripting vulnerability because
it fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute
I think application needs to take care of CSRF.
-Original Message-
From: carl [mailto:c...@etrak-plus.com]
Sent: Friday, July 04, 2014 6:43 PM
To: users@tomcat.apache.org
Subject: Tomcat cross-site scripting vulnerability
Our latest PCI scan using the Saint scanner shows the following:
Hello Filip
You solved my issue! Thank you very much!
Thanks everyone
João
On 04/07/2014 14:12, carl wrote:
Our latest PCI scan using the Saint scanner shows the following:
404 Error Page Cross Site Scripting Vulnerability
12/21/09
Apache Tomcat is prone to a cross-site scripting vulnerability because
it fails to properly sanitize user-supplied input.
An attacker
On 04/07/2014 05:56, Li Li wrote:
I have a background thread that is using hornetq client to receive jms
topic message from a remote hornetq broker. This thread is started as
ServletContextListener when tomcat starts.
But the tomcat throws strange Exception:
llegal access: this web
On 7/4/2014 9:31 AM, Mark Thomas wrote:
On 04/07/2014 14:12, carl wrote:
Our latest PCI scan using the Saint scanner shows the following:
404 Error Page Cross Site Scripting Vulnerability
12/21/09
Apache Tomcat is prone to a cross-site scripting vulnerability because
it fails to properly
Which version of tomcat you are using ??
Either upgrade to tomcat 7 or add this to your tomcat context.xml Context
useHttpOnly=true
Regards,
Vijendra
-Original Message-
From: Radha Krishna Meduri -X (radmedur - HCL TECHNOLOGIES LIMITED at Cisco)
[mailto:radme...@cisco.com]
Sent: 04
On 7/4/2014 9:46 AM, Vijendra Pachoriya wrote:
Which version of tomcat you are using ??
Either upgrade to tomcat 7 or add this to your tomcat context.xml Context
useHttpOnly=true
Regards,
Vijendra
-Original Message-
From: Radha Krishna Meduri -X (radmedur - HCL TECHNOLOGIES LIMITED
All,
I am trying to set up the jmx proxy servlet and am kinda stuck on security.
I would like to:
- restrict access to localhost
- restrict access to require basic authentication
Currently it works, though in the wrong order. This is how the request is
being processed right now:
1) user
I'm a little confused about the Host appBase attribute.
Let's say that my website resides in D:\www\site1
I don't like using {Tomcat}/webapps so I don't want to have it as a base
directory for websites. What I've been doing so far is create an empty
folder alongside webapps, named empty, and
Hello,
summary of my Problem:
When a client POSTs Tranfer-Encoding data using browser ,
my server is not processing the request character encoding properly .
I send the following request:
Content-Type text/html;charset=UTF-8
Date Sat, 05 Jul 2014 05:10:09 GMT
Server Apache-Coyote/1.1
11 matches
Mail list logo