[jboss-user] [Tomcat, HTTPD, Servlets & JSP] - JBoss, Tomcat, CVE-2008-1232 and related

darretta do-not-reply at jboss.com
Thu Sep 11 12:18:11 EDT 2008

I am having difficulty determining if JBoss 4.0.3SPI is vulnerable to CVE-2008-1232 (and related) regarding the Tomcat XSS vulnerability. Is the embedded Tomcat server in JBoss 4.0.3SP1 affected by this CVE? If so, is there a patch aside from upgrading to the latest JBoss?

Thank you.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4175916#4175916

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4175916

More information about the jboss-user mailing list