Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[Full-disclosure] Apache Tomcat remote xss

From: handrix cobra (handrixgmail.com)
Date: Wed Sep 05 2007 - 21:13:54 CDT

Apache Tomcat remote xss
Author: handrix
Contact: handrix_at_morx_dot_org
Vulnerability: Cross Site Scripting
Severity: Medium/High
MorX security research team

Apache Tomcat remote xss

Tomcat provide many example of jsp files, servlet and others.
functions.jsp's script is vulnerable to cross-site scripting attacks in foo

XSS Vector:

Vulnerable versions :
Apache Tomecat/5.2.28 and maybe others

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/