CVE-2007-2449


Apache Tomcat 4.0.0-4.0.6, 4.1.0-4.1.36, 5.0.0-5.0.30, 5.5.0-5.5.24, 6.0.0-6.0.13 XSS via URI Semicolon Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2449. PoCs published by anonymous. A Nuclei detection template is also available.

AI-analyzed exploit summary: This is a writeup describing a cross-site scripting (XSS) vulnerability in Apache Tomcat. The vulnerability arises from improper sanitization of user-supplied input, allowing attackers to inject malicious scripts.

Description

Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.

Exploits (1)

exploitdb · Writeup · Verified
by anonymous · text · webapps · jsp
https://www.exploit-db.com/exploits/30189

Classification: Writeup (90%)
Attack Type: XSS
Complexity: Trivial
Reliability: Theoretical
Target: Apache Tomcat
Authentication: No auth needed
Prerequisites: Access to a vulnerable Apache Tomcat instance
MITRE ATT&CK: (none listed)
Analyzed by devstral-2 on Feb 16, 2026

Nuclei Templates (1)

Apache Tomcat 4.x-7.x - Cross-Site Scripting
Severity: Medium · Verified · by pdteam, ritikchaddha
Shodan query: title:"Apache Tomcat"

References (40)

Core References (40)
- http://tomcat.apache.org/security-4.html (Various Sources; x_refsource_confirm)
- http://support.apple.com/kb/HT2163 (Vendor Advisory; x_refsource_confirm)
- http://rhn.redhat.com/errata/RHSA-2008-0630.html (Vendor Advisory; vendor-advisory; x_refsource_redhat)
- http://www.vupen.com/english/advisories/2008/1981/references (Third Party Advisory; vdb-entry; x_refsource_vupen)
- http://www.securityfocus.com/bid/24476 (Third Party Advisory, VDB Entry; vdb-entry; x_refsource_bid)
- http://secunia.com/advisories/31493 (Third Party Advisory; third-party-advisory; x_refsource_secunia)
- http://www.securityfocus.com/archive/1/471351/100/0/threaded (Third Party Advisory, VDB Entry; mailing-list; x_refsource_bugtraq)
- http://securityreason.com/securityalert/2804 (Third Party Advisory; third-party-advisory; x_refsource_sreason)
- http://www.redhat.com/support/errata/RHSA-2007-0569.html (Vendor Advisory; vendor-advisory; x_refsource_redhat)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34869 (Third Party Advisory, VDB Entry; vdb-entry; x_refsource_xf)
- http://www.securityfocus.com/archive/1/500412/100/0/threaded (Third Party Advisory, VDB Entry; mailing-list; x_refsource_bugtraq)
- http://www.securitytracker.com/id?1018245 (Third Party Advisory, VDB Entry; vdb-entry; x_refsource_sectrack)
- http://secunia.com/advisories/33668 (Third Party Advisory; third-party-advisory; x_refsource_secunia)
- http://secunia.com/advisories/29392 (Third Party Advisory; third-party-advisory; x_refsource_secunia)
- http://www.securityfocus.com/archive/1/500396/100/0/threaded (Third Party Advisory, VDB Entry; mailing-list; x_refsource_bugtraq)
- http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html (Mailing List; vendor-advisory; x_refsource_apple)
- http://www.vupen.com/english/advisories/2009/0233 (Third Party Advisory; vdb-entry; x_refsource_vupen)
- http://tomcat.apache.org/security-6.html (Patch; x_refsource_confirm)
- http://www.vupen.com/english/advisories/2007/3386 (Third Party Advisory; vdb-entry; x_refsource_vupen)
- http://secunia.com/advisories/30802 (Third Party Advisory; third-party-advisory; x_refsource_secunia)
- http://secunia.com/advisories/27037 (Third Party Advisory; third-party-advisory; x_refsource_secunia)
- http://secunia.com/advisories/27727 (Third Party Advisory; third-party-advisory; x_refsource_secunia)
- http://tomcat.apache.org/security-5.html (Various Sources; x_refsource_confirm)
- http://www.redhat.com/support/errata/RHSA-2008-0261.html (Vendor Advisory; vendor-advisory; x_refsource_redhat)
- http://osvdb.org/36080 (Third Party Advisory, VDB Entry; vdb-entry; x_refsource_osvdb)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10578 (Third Party Advisory, VDB Entry; vdb-entry; signature; x_refsource_oval)
- http://secunia.com/advisories/26076 (Third Party Advisory; third-party-advisory; x_refsource_secunia)
- http://www.vupen.com/english/advisories/2007/2213 (Third Party Advisory; vdb-entry; x_refsource_vupen)
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:241 (Vendor Advisory; vendor-advisory; x_refsource_mandriva)

Scores

EPSS: 0.5214
EPSS Percentile: 98.0%

Details

Status: published
Products (50):
apache/tomcat 4.0.0
apache/tomcat 4.0.1
apache/tomcat 4.0.2
apache/tomcat 4.0.3
apache/tomcat 4.0.4
apache/tomcat 4.0.5
apache/tomcat 5.0.0
apache/tomcat 5.0.1
apache/tomcat 5.0.2
apache/tomcat 5.0.3
... and 40 more
Published: Jun 14, 2007
Tracked Since: Feb 18, 2026