CVE-2008-1947

Published: Jun 4, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20080602 [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability

mailing-list

x_refsource_BUGTRAQ

30500

third-party-advisory

x_refsource_SECUNIA

RHSA-2008:0862

vendor-advisory

x_refsource_REDHAT

34013

third-party-advisory

x_refsource_SECUNIA

[tomcat-user] 20080602 [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability

mailing-list

x_refsource_MLIST

oval:org.mitre.oval:def:6009

vdb-entry

signature

x_refsource_OVAL

ADV-2008-2823

vdb-entry

x_refsource_VUPEN

apache-tomcat-hostmanager-xss(42816)

vdb-entry

x_refsource_XF

37460

third-party-advisory

x_refsource_SECUNIA

http://www.vmware.com/security/advisories/VMSA-2009-0002.html

x_refsource_CONFIRM

31681

vdb-entry

x_refsource_BID

32120

third-party-advisory

x_refsource_SECUNIA

http://www.vmware.com/security/advisories/VMSA-2009-0016.html

x_refsource_CONFIRM

ADV-2008-1725

vdb-entry

x_refsource_VUPEN

30592

third-party-advisory

x_refsource_SECUNIA

33999

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:11534

vdb-entry

signature

x_refsource_OVAL

29502

vdb-entry

x_refsource_BID

31865

third-party-advisory

x_refsource_SECUNIA

FEDORA-2008-8130

vendor-advisory

x_refsource_FEDORA

31639

third-party-advisory

x_refsource_SECUNIA

30967

third-party-advisory

x_refsource_SECUNIA

MDVSA-2008:188

vendor-advisory

x_refsource_MANDRIVA

http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm

x_refsource_CONFIRM

ADV-2009-0320

vdb-entry

x_refsource_VUPEN

20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

mailing-list

x_refsource_BUGTRAQ

RHSA-2008:0864

vendor-advisory

x_refsource_REDHAT

SUSE-SR:2009:004

vendor-advisory

x_refsource_SUSE

http://tomcat.apache.org/security-6.html

x_refsource_CONFIRM

57126

third-party-advisory

x_refsource_SECUNIA

32222

third-party-advisory

x_refsource_SECUNIA

31891

third-party-advisory

x_refsource_SECUNIA

33797

third-party-advisory

x_refsource_SECUNIA

1020624

vdb-entry

x_refsource_SECTRACK

SUSE-SR:2008:014

vendor-advisory

x_refsource_SUSE

FEDORA-2008-7977

vendor-advisory

x_refsource_FEDORA

FEDORA-2008-8113

vendor-advisory

x_refsource_FEDORA

http://tomcat.apache.org/security-5.html

x_refsource_CONFIRM

ADV-2008-2780

vdb-entry

x_refsource_VUPEN

HPSBUX02401

vendor-advisory

x_refsource_HP

HPSBST02955

vendor-advisory

x_refsource_HP

APPLE-SA-2008-10-09

vendor-advisory

x_refsource_APPLE

http://support.apple.com/kb/HT3216

x_refsource_CONFIRM

ADV-2009-0503

vdb-entry

x_refsource_VUPEN

ADV-2009-3316

vdb-entry

x_refsource_VUPEN

SSRT090005

vendor-advisory

x_refsource_HP

DSA-1593

vendor-advisory

x_refsource_DEBIAN

32266

third-party-advisory

x_refsource_SECUNIA

RHSA-2008:0648

vendor-advisory

x_refsource_REDHAT

[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

mailing-list

x_refsource_MLIST

[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

mailing-list

x_refsource_MLIST

[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/

mailing-list

x_refsource_MLIST

[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2008-1947

Description

Affected Products

References