« HDD非搭載? | Main | 53.0% Linuxサーバの利用率 »

06 January 2005

Apache TomcatのXSS

Apache Tomcatにクロスサイトスクリプティングの脆弱性
元はこちら。Apache Tomcat "Tomcat Manager" Cross-Site Scripting

Example:
http://[host]:8080/manager/html/[code]
http://[host]:8080/manager/html/stop?path=[code]
http://[host]:8080/manager/html/start?path=[code]

なるほどね。もうXSSの初歩の初歩ですね。まぁTomcat Managerはそもそも外部公開されないようにすると思うので危険度が低いですけど。

Posted at 07:37 PM in from s14u.info |

TrackBack

TrackBack URL for this entry:
http://bb.lekumo.jp/t/trackback/517129/31023945

Listed below are links to weblogs that reference Apache TomcatのXSS:

Comments

Post a comment

Access Ranking

Recent Posts

Archives

More...

Powered by Six Apart
Sponsored links