Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Tomcat | Apache | 4.0.3 (including) | 4.0.3 (including) |