This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update fixes a cross-site scripting vulnerability that affects
the session list screen. This can be used to steal session cookies
because tomcat 6 does not use the httpOnly flag for its cookies.
See also :
Update the affected tomcat6 packages.
Risk factor :
Medium / CVSS Base Score : 4.3
Public Exploit Available : true