PT-2003-1329 · Apache · Jakarta Tomcat+1

Published: 2003-01-29 · Updated: 2022-04-29 · CVE-2003-0044

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Jakarta Tomcat versions 3.x through 3.3.1a

Description

Multiple cross-site scripting (XSS) vulnerabilities exist in the examples and ROOT web applications. They allow remote attackers to inject arbitrary web script or HTML. Because of these vulnerabilities, the examples web application should not be installed on production servers.

Recommendations

For Jakarta Tomcat versions 3.x through 3.3.1a, consider uninstalling the examples web application to minimize the risk of exploitation, especially on production servers. As a temporary workaround, restrict access to the ROOT web application and the examples web application until a fix is available.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2003-0044
DSA-246
GHSA-5HGM-QM5M-5VMW

Affected Products

Apache Tomcat
Jakarta Tomcat