Skip to content

Add CVE-2022-34305 (Updated CVEs) #14299

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Sourabh-Sahu wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Add CVE-2022-34305 (Updated CVEs) #14299

Sourabh-Sahu wants to merge 4 commits into from
+73 −0

Conversation

@Sourabh-Sahu
Copy link
Contributor

@Sourabh-Sahu Sourabh-Sahu commented Dec 9, 2025

Add CVE-2022-34305

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability.

Template validation

  • Validated with a host running a vulnerable version and/or configuration (True Positive)
  • Validated with a host running a patched version and/or configuration (avoid False Positive)

Additional Details (leave it blank if not applicable)

Additional References:

@github-actions github-actions bot requested a review from ritikchaddha December 9, 2025 07:22
@Akokonunes Akokonunes added Done Ready to merge Status: In Progress This issue is being worked on, and has someone assigned. and removed Done Ready to merge Status: In Progress This issue is being worked on, and has someone assigned. labels Dec 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ritikchaddha ritikchaddha Awaiting requested review from ritikchaddha

Assignees

@Akokonunes Akokonunes

Labels

Done Ready to merge

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Sourabh-Sahu @Akokonunes