CVE-2007-4724

medium Apache
CVSS v3 Base Score
4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS Score
0.7%
Exploitation probability in 30 days
Top 28% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
None
Integrity
P
Availability
None
Published: September 5, 2007 (6825 days ago)
Last Modified: April 23, 2026
Vendor: Apache
Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters.

CWE

CWE-352

Affected Products

apache tomcat

References

🔗 archives.neohapsis.com 🔗 osvdb.org 🔗 securityreason.com 🔗 www.securityfocus.com 🔗 archives.neohapsis.com