It's posible to insert script in request to different servlett classes.
vulners.com/securityvulns/securityvulns:doc:3195
vulners.com/securityvulns/securityvulns:doc:3403