Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2007-3385 - Vulnerability Database
Apache Tomcat

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2007-3385

Medium
Reference: CVE-2007-3385
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2007-3385
Title: Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

Apache Tomcat 6.0.0 to 6.0.13 5.5.0 to 5.5.24 5.0.0 to 5.0.30 4.1.0 to 4.1.36 and 3.3 to 3.3.2 does not properly handle the quot character sequence in a cookie value which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.