You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Terry Lake <te...@vontu.com> on 2005/01/12 01:34:37 UTC

Is there a cross-site scripting fix for Tomcat 5.0.25?

Hello all,

After checking Google, CERT and the Jakarta site,  I can not find any information with regards to the availability of fix a for Tomcat 5.0.25.  Note that I found mentioned of a fix for 3.0.x, and 4.0.x on Google and the Jakarta site.  BTW, I did not find any information indicating that there is a problem with the 5.0.25 version but given that the cross-site scripting defect is present in older and newer versions (5.5.4), I assume that this vulnerability exists for the version in question. 

Thank in advance for any help that you provide.



Terry C. Lake
QA Manager
Vontu, Inc.
www.vontu.com
415-364-8131 - Direct
415-364-8190 - Fax
terry.lake@vontu.com