CVE-2001-1084 in JRuninfo

Summary

Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message.

Be aware that VulDB is the high quality source for vulnerability data.

Disclosure

07/02/2001

Moderation

VulDB entry created

Entries

1: VDB-16957

CPE

ready

CWE

CWE-80 (Confirmed)

CVSS

6.3

EPSS

0.00156

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2001-1084
NVD	https://nvd.nist.gov/vuln/detail/CVE-2001-1084
CVE Details	https://www.cvedetails.com/cve/CVE-2001-1084/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!