You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by "TAKAGI, Hiromitsu" <ta...@etl.go.jp> on 2001/03/17 10:55:45 UTC

Tomcat .jsp Cross-Site Scripting Vulnerability

I found a cross-site scripting vulnerability in Tomcat 3.2.1.

Accessing the following URL, the JavaScript code will be executed by
the browser on the server's domain.

http://any-server-Tomcat-running-on/jsp-mapped-dir/<SCRIPT>alert(document.cookie)</SCRIPT>.jsp

This vulnerability is quite similar to "IIS cross-site scripting
vulnerabilities (MS00-060)" reported by Microsoft on August 25, 2000.
<http://www.microsoft.com/technet/security/bulletin/ms00-060.asp>

For details about cross-site scripting vulnerability, please referer
the following page. <http://www.apache.org/info/css-security/>


I have sent this report to the following email address on 15 Mar, 2001
(GMT), but no response has been received.
I-found-a-security-problem-in-the-apache-source-code@apache.org


Regards,
--
Hiromitsu Takagi
Electrotechnical Laboratory
http://www.etl.go.jp/~takagi/