CVE-2007-1358

CVE-2007-1358 · LOW Severity

AV:N/AC:H/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".

Learn more about our Cis Benchmark Audit For Apache Http Server.