The Apache Software Foundation has released a security advisory to address a vulnerability (CVE-2022-34305) in multiple versions of Tomcat. A remote attacker could exploit this vulnerability to trigger cross-site scripting (XSS) on the targeted system. Apache fixed vulnerability in Apache Tomcat versions 8.5.82, 9.0.65, 10.0.23, 10.1.0-M17 .

Detailed information on vulnerability and updates can be found in Apache’s security advisories – apache.org.