The host is installed with Apache Tomcat versions 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 or 7.0.0 to 7.0.93 and is prone to a cross-site scripting vulnerability. A flaw is present in the application which fails to handle the issue in SSI printenv. Successful exploitation allows an attacker to perform cross-site scripting.