Back to search
CVE-2009-0781
Published: Mar 9, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://tomcat.apache.org/security-4.html
x_refsource_CONFIRM
HPSBMA02535
vendor-advisory
x_refsource_HP
MDVSA-2009:138
vendor-advisory
x_refsource_MANDRIVA
oval:org.mitre.oval:def:6564
vdb-entry
signature
x_refsource_OVAL
FEDORA-2009-11356
vendor-advisory
x_refsource_FEDORA
DSA-2207
vendor-advisory
x_refsource_DEBIAN
HPSBUX02860
vendor-advisory
x_refsource_HP
tomcat-cal2-xss(49213)
vdb-entry
x_refsource_XF
37460
third-party-advisory
x_refsource_SECUNIA
ADV-2010-3056
vdb-entry
x_refsource_VUPEN
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
x_refsource_CONFIRM
35788
third-party-advisory
x_refsource_SECUNIA
SSRT100029
vendor-advisory
x_refsource_HP
APPLE-SA-2010-03-29-1
vendor-advisory
x_refsource_APPLE
HPSBOV02762
vendor-advisory
x_refsource_HP
ADV-2009-1856
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:11041
vdb-entry
signature
x_refsource_OVAL
42368
third-party-advisory
x_refsource_SECUNIA
http://tomcat.apache.org/security-6.html
x_refsource_CONFIRM
http://support.apple.com/kb/HT4077
x_refsource_CONFIRM
FEDORA-2009-11374
vendor-advisory
x_refsource_FEDORA
35685
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:19345
vdb-entry
signature
x_refsource_OVAL
SSRT100825
vendor-advisory
x_refsource_HP
FEDORA-2009-11352
vendor-advisory
x_refsource_FEDORA
http://tomcat.apache.org/security-5.html
x_refsource_CONFIRM
SUSE-SR:2009:012
vendor-advisory
x_refsource_SUSE
HPSBUX02579
vendor-advisory
x_refsource_HP
SSRT101146
vendor-advisory
x_refsource_HP
MDVSA-2009:136
vendor-advisory
x_refsource_MANDRIVA
263529
vendor-advisory
x_refsource_SUNALERT
SSRT100203
vendor-advisory
x_refsource_HP
ADV-2009-3316
vdb-entry
x_refsource_VUPEN
20090306 [SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application
mailing-list
x_refsource_BUGTRAQ
[tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200213 svn commit: r1873980 [24/34] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now