CVE-2007-1355
published 2007-05-21CVE-2007-1355: Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36…
PriorityP430medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
58.25%
99.0th percentile
Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors.
Affected
52 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
| apache | tomcat | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor HTTP requests targeting the path /tomcat-docs/appdev/sample/web/hello.jsp with a 'test' query parameter, which is the known XSS injection vector for this CVE. ↗
- →The exploit proof-of-concept injects JavaScript via the 'test' parameter using a payload such as alert(document.domain); look for script-like content in the 'test' parameter of requests to hello.jsp. ↗
- →Presence of the sample application hello.jsp on a production Tomcat instance (versions 4.0.0–4.0.6, 4.1.0–4.1.36, 5.0.0–5.0.30, 5.5.0–5.5.23, 6.0.0–6.0.10) indicates an unpatched, exploitable endpoint. ↗
- ·The vulnerable endpoint is part of the bundled documentation/sample web application; it should be removed or disabled in production deployments to eliminate the attack surface entirely. ↗
- ·Exploitation can lead to theft of cookie-based authentication credentials; ensure HttpOnly and Secure flags are set on session cookies as a compensating control. ↗
- ·Fixed versions are Tomcat 6.0.11, 5.5.24, 5.0.HEAD, and 4.1.HEAD; any instance below these versions with the sample app deployed remains vulnerable. ↗
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_redhat4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
tomcat XSS in samples
vendor_redhat·2007-05-19·CVSS 4.3
CVE-2007-1355 [MEDIUM] CWE-79 tomcat XSS in samples
tomcat XSS in samples
Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors.
GHSA
Apache Tomcat Vulnerable to Cross-Site Scripting
ghsa·2022-05-01
CVE-2007-1355 [MEDIUM] CWE-79 Apache Tomcat Vulnerable to Cross-Site Scripting
Apache Tomcat Vulnerable to Cross-Site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors.
OSV
Apache Tomcat Vulnerable to Cross-Site Scripting
osv·2022-05-01
CVE-2007-1355 [MEDIUM] Apache Tomcat Vulnerable to Cross-Site Scripting
Apache Tomcat Vulnerable to Cross-Site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors.
No detection rules found.
Bugzilla
CVE-2007-5333 Improve cookie parsing for tomcat5 [rhn_satellite_5.0]
bugzilla·2008-01-10·CVSS 4.3
CVE-2007-5333 [MEDIUM] CVE-2007-5333 Improve cookie parsing for tomcat5 [rhn_satellite_5.0]
CVE-2007-5333 Improve cookie parsing for tomcat5 [rhn_satellite_5.0]
rhn_satellite_5.0 tracking bug: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes in the 'blocks' bugs.
For the security issues handling process overview see: http://intranet.corp.redhat.com/ic/intranet/SecurityZStreamFAQ
[bug automatically created by: add-tracking-bugs]
Discussion:
[root@rlx-3-18 RPMS]# ls tomcat5-5.0.30-0jpp_9rh.noarch.rpm
tomcat5-5.0.30-0jpp_9rh.noarch.rpm
[root@rlx-3-18 RPMS]# pwd
/tmp/mnt/RPMS
[root@rlx-3-18 RPMS]#
verified
---
This is not a bug. The real issue that was talked about is actually:
private bug Bugzilla Bug 430731: CVE-2007-5461 CVE-2007-3385 CVE-2007-3382
CVE-2007-1358 CVE-2007-1355 CVE-2007
Bugzilla
CVE-2007-1355 tomcat XSS in samples
bugzilla·2007-08-17·CVSS 4.3
CVE-2007-1355 [MEDIUM] CVE-2007-1355 tomcat XSS in samples
CVE-2007-1355 tomcat XSS in samples
From: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355
Fixed in Tomcat 6.0.11, 5.5.24, 5.0.HEAD, 4.1.HEAD
Description of problem:
Multiple cross-site scripting (XSS) vulnerabilities in the
appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6,
4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0
through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via
the test parameter and unspecified vectors.
Discussion:
tomcat5-5.5.25-1jpp.1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
---
tomcat5-5.5.25-1jpp.1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please ma
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspxhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.htmlhttp://osvdb.org/34875http://rhn.redhat.com/errata/RHSA-2008-0630.htmlhttp://secunia.com/advisories/27037http://secunia.com/advisories/27727http://secunia.com/advisories/30802http://secunia.com/advisories/30899http://secunia.com/advisories/30908http://secunia.com/advisories/31493http://secunia.com/advisories/33668http://securityreason.com/securityalert/2722http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1http://support.apple.com/kb/HT2163http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540http://tomcat.apache.org/security-4.htmlhttp://tomcat.apache.org/security-5.htmlhttp://tomcat.apache.org/security-6.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0261.htmlhttp://www.securityfocus.com/archive/1/469067/100/0/threadedhttp://www.securityfocus.com/archive/1/500396/100/0/threadedhttp://www.securityfocus.com/archive/1/500412/100/0/threadedhttp://www.securityfocus.com/bid/24058http://www.vupen.com/english/advisories/2007/3386http://www.vupen.com/english/advisories/2008/1979/referenceshttp://www.vupen.com/english/advisories/2008/1981/referenceshttp://www.vupen.com/english/advisories/2009/0233https://exchange.xforce.ibmcloud.com/vulnerabilities/34377https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3Ehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6111https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.htmlhttp://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspxhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.htmlhttp://osvdb.org/34875http://rhn.redhat.com/errata/RHSA-2008-0630.htmlhttp://secunia.com/advisories/27037http://secunia.com/advisories/27727http://secunia.com/advisories/30802http://secunia.com/advisories/30899http://secunia.com/advisories/30908http://secunia.com/advisories/31493http://secunia.com/advisories/33668http://securityreason.com/securityalert/2722http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1http://support.apple.com/kb/HT2163http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540http://tomcat.apache.org/security-4.htmlhttp://tomcat.apache.org/security-5.htmlhttp://tomcat.apache.org/security-6.htmlhttp://www.redhat.com/support/errata/RHSA-2008-0261.htmlhttp://www.securityfocus.com/archive/1/469067/100/0/threadedhttp://www.securityfocus.com/archive/1/500396/100/0/threadedhttp://www.securityfocus.com/archive/1/500412/100/0/threadedhttp://www.securityfocus.com/bid/24058http://www.vupen.com/english/advisories/2007/3386http://www.vupen.com/english/advisories/2008/1979/referenceshttp://www.vupen.com/english/advisories/2008/1981/referenceshttp://www.vupen.com/english/advisories/2009/0233https://exchange.xforce.ibmcloud.com/vulnerabilities/34377https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3Ehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6111https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html
2007-05-21
Published