Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Apache Tomcat Cross-Site Scripting (XSS) in Manager Application
MINI-vrgm-6vjq-wm36
Summary
Apache Tomcat's Manager application has a security flaw that could allow an attacker to inject malicious code into the application, potentially stealing user data or taking control of the server. This affects Apache Tomcat servers that have the Manager application enabled. To protect against this, update to a fixed version of Apache Tomcat or disable the Manager application if it's not needed.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | neo4j-2025.07 | All versions | – |
| – | neo4j-2025.07-docker-publish | All versions | – |
Original title
MINI-vrgm-6vjq-wm36
Published: 6 Mar 2026 · Updated: 6 Mar 2026 · First seen: 6 Mar 2026