CVE-2007-1358
CVE-2007-1358 · LOW Severity
AV:N/AC:H/AU:N/C:N/I:P/A:N
Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
Learn more about our Cis Benchmark Audit For Apache Http Server.