...@cisco.com]
Sent: 04 July 2014 18:45
To: Tomcat Users List
Subject: RE: Tomcat cross-site scripting vulnerability
I think application needs to take care of CSRF.
-Original Message-
From: carl [mailto:c...@etrak-plus.com]
Sent: Friday, July 04, 2014 6:43 PM
To: users@tomcat.apache.org
Users List
Subject: RE: Tomcat cross-site scripting vulnerability
I think application needs to take care of CSRF.
-Original Message-
From: carl [mailto:c...@etrak-plus.com]
Sent: Friday, July 04, 2014 6:43 PM
To: users@tomcat.apache.org
Subject: Tomcat cross-site scripting vulnerability
On 7/4/2014 9:31 AM, Mark Thomas wrote:
On 04/07/2014 14:12, carl wrote:
Our latest PCI scan using the Saint scanner shows the following:
404 Error Page Cross Site Scripting Vulnerability
12/21/09
Apache Tomcat is prone to a cross-site scripting vulnerability because
it fails to properly sani
On 04/07/2014 14:12, carl wrote:
> Our latest PCI scan using the Saint scanner shows the following:
>
> 404 Error Page Cross Site Scripting Vulnerability
> 12/21/09
> Apache Tomcat is prone to a cross-site scripting vulnerability because
> it fails to properly sanitize user-supplied input.
> An at
I think application needs to take care of CSRF.
-Original Message-
From: carl [mailto:c...@etrak-plus.com]
Sent: Friday, July 04, 2014 6:43 PM
To: users@tomcat.apache.org
Subject: Tomcat cross-site scripting vulnerability
Our latest PCI scan using the Saint scanner shows the following
Our latest PCI scan using the Saint scanner shows the following:
404 Error Page Cross Site Scripting Vulnerability
12/21/09
Apache Tomcat is prone to a cross-site scripting vulnerability because
it fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arb
