virus logo FortiClient Vulnerability

Apache Tomcat CVE-2019-0221 Cross Site Scripting Vulnerability

description-logoDescription

The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.

affected-products-logoAffected Applications

Apache Tomcat

CVE References

CVE-2019-0221

Other References

http://tomcat.apache.org/security.html
ID 70313
Created Jan 12, 2022
Description
Updated		 Dec 14, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Apache
Patch manual
Application Apache Tomcat