The following vulnerability is reported by security scanning tools on the CABI 3.3 server
Apache Tomcat JavaDoc Spoofing Vulnerability
This solutions talks in detail about how to fix this vulnerability
Apache Tomcat JavaDoc Spoofing Vulnerability.
Apache Tomcat is an open source web server and servlet container developed by the Apache Software Foundation. Apache has confirmed a vulnerability inTomcat that can allow an attacker to spoof content. The vulnerability is caused by a vulnerable version of JavaDoc tool used by Apache to generate documentation.
It is recommended to upgrade to the latest version of Apache Tomcat 7.0.53 or later. http://tomcat.apache.org/
The recommendation is to upgrade Tomcat to 7 or higher. But CABI 3.3 supports only Tomcat 6. CABI 3.3 SP1 supports Tomcat 7. Therefore the recommended solution is to apply CABI 3.3 SP1.