Vendor: Apache Tomcat
By: Unknown
CVSS: 5.5 (MEDIUM)
CWE: 79 (Cross-Site Scripting)
Product Name: Apache Tomcat
Affected Version From: 5.5.2000
Affected Version To: 5.5.24 and 6.0.0 through 6.0.13
Patch Exists: YES
Related CWE:
CPE: apache:tomcat
Platforms Tested: Unknown
Apache Tomcat Host Manager Servlet Cross-Site Scripting Vulnerability
The Apache Tomcat Host Manager Servlet is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to inject HTML and script code into the browser of an unsuspecting victim. The attacker may then steal cookie-based authentication credentials and launch other attacks.
Mitigation:
To mitigate this vulnerability, it is recommended to sanitize user-supplied input to prevent the injection of malicious code. Additionally, keeping the Apache Tomcat software up-to-date with the latest patches and versions can help protect against known vulnerabilities.