Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message.
Advisories
Source ID Title
EUVD EUVD EUVD-2001-1065 Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-08T04:44:07.480Z

Reserved: 2002-03-15T00:00:00

Link: CVE-2001-1084

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2001-07-02T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2001-1084

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.