7 lines
No EOL
503 B
Text
7 lines
No EOL
503 B
Text
source: https://www.securityfocus.com/bid/5194/info
|
|
|
|
A vulnerability has been reported for Apache Tomcat 4.0.3 on a Microsoft Windows platform. Reportedly, it is possible for an attacker to launch a cross site scripting attack.
|
|
|
|
When making a request for a DOS device file name, Tomcat will throw an exception and respond with an error message. It is also possible for information to be appended to the DOS device when making a request.
|
|
|
|
tomcat-server/COM2.IMG%20src= "Javascript:alert(document.domain)" |