CVE-2006-7195

Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values.

Published: May 10, 2007
Updated: Apr 13, 2023
CVE: CVE-2006-7195
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
apache / tomcat	5.0.19	5.0.19.x
apache / tomcat	5.5.12	5.5.12.x
apache / tomcat	5.0.14	5.0.14.x
apache / tomcat	5.5.14	5.5.14.x
apache / tomcat	5.5.10	5.5.10.x
apache / tomcat	5.0.22	5.0.22.x
apache / tomcat	5.5.7	5.5.7.x
apache / tomcat	5.5.11	5.5.11.x
apache / tomcat	5.5.6	5.5.6.x
apache / tomcat	5.0.15	5.0.15.x
apache / tomcat	5.0.30	5.0.30.x
apache / tomcat	5.5.15	5.5.15.x
apache / tomcat	5.0.23	5.0.23.x
apache / tomcat	5.0.2	5.0.2.x
apache / tomcat	5.5.5	5.5.5.x
apache / tomcat	5.0.10	5.0.10.x
apache / tomcat	5.0.21	5.0.21.x
apache / tomcat	5.0.26	5.0.26.x
apache / tomcat	5.0.0	5.0.0.x
apache / tomcat	5.0.27	5.0.27.x
apache / tomcat	5.0.16	5.0.16.x
apache / tomcat	5.5.9	5.5.9.x
apache / tomcat	5.0.18	5.0.18.x
apache / tomcat	5.0.28	5.0.28.x
apache / tomcat	5.0.29	5.0.29.x
apache / tomcat	5.5.0	5.5.0.x
apache / tomcat	5.5.13	5.5.13.x
apache / tomcat	5.0.13	5.0.13.x
apache / tomcat	5.5.8	5.5.8.x
apache / tomcat	5.0.17	5.0.17.x
apache / tomcat	5.5.16	5.5.16.x
apache / tomcat	5.5.17	5.5.17.x
apache / tomcat	5.0.25	5.0.25.x
apache / tomcat	5.0.1	5.0.1.x
apache / tomcat	5.0.11	5.0.11.x
apache / tomcat	5.0.24	5.0.24.x
apache / tomcat	5.0.12	5.0.12.x

Vulnerability Database

289,599

CVE-2006-7195