Apache Tomcat Improper Encoding or Escaping of Output Vulnerability - CVE-2022-45143 - Vulnerability Database

Apache Tomcat Improper Encoding or Escaping of Output Vulnerability - CVE-2022-45143

High
Reference: CVE-2022-45143
Title: Apache Tomcat Improper Encoding or Escaping of Output Vulnerability
Overview:

The JsonErrorReportValve in Apache Tomcat 8.5.83 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output.