Apache Tomcat 7.0.x < 7.0.6 Cross-Site Scripting Vulnerability
Medium Nessus Network Monitor Plugin ID 5794
SynopsisThe remote web server is affected by a cross-site scripting vulnerability.
DescriptionVersions of Tomcat 7.0.x earlier than 7.0.6 are potentially affected by a cross-site scripting vulnerability because the HTML Manager interface display web application provided data, such as display names, without filtering.
SolutionUpgrade to Apache Tomcat 7.0.6 or later.