CVE-2026-50229

MEDIUM

Apache Tomcat: XSS in number guess example

Title source: cna
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-50229. PoCs published by zero-trace7.

AI-analyzed exploit summary This repository contains a Python-based scanner for CVE-2026-50229, a reflected Cross-Site Scripting (XSS) vulnerability in Apache Tomcat's bundled examples web application (numguess.jsp). The tool tests multiple XSS payloads against vulnerable endpoints but does not execute malicious actions beyond detection.

Description

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.0.M1 through 9.0.118, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Other versions that have reached end of support may also be affected. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fix the issue.

Exploits (1)

github SCANNER
by zero-trace7 · pythonpoc
https://github.com/zero-trace7/CVE-2026-50229

This repository contains a Python-based scanner for CVE-2026-50229, a reflected Cross-Site Scripting (XSS) vulnerability in Apache Tomcat's bundled examples web application (numguess.jsp). The tool tests multiple XSS payloads against vulnerable endpoints but does not execute malicious actions beyond detection.

Classification
Scanner 98%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Apache Tomcat (examples web application, specifically numguess.jsp)
No auth needed
Prerequisites: Access to the Apache Tomcat examples web application (typically /examples/) · User interaction (victim must visit the crafted URL)
mistral-large-3 · analyzed Jul 08, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 6.1
EPSS 0.0046
EPSS Percentile 36.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-80
Status published
Products (7)
apache/tomcat < 7.0.109
Apache Software Foundation/Apache Tomcat < 7.0.0
Apache Software Foundation/Apache Tomcat 10.1.0-M1 - 10.1.55
Apache Software Foundation/Apache Tomcat 11.0.0-M1 - 11.0.22
Apache Software Foundation/Apache Tomcat 7.0.0 - 7.0.109
Apache Software Foundation/Apache Tomcat 8.5.0 - 8.5.100
Apache Software Foundation/Apache Tomcat 9.0.0.M1 - 9.0.118
Published Jun 29, 2026
Tracked Since Jun 30, 2026