{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-10-16T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or (3) the cookiename parameter to the CookieExample servlet."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-11-28T10:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.geocities.com/gzhangx/websrv/docs/security.html"}, {"name": "8841", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/8841"}, {"name": "10023", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/10023"}, {"name": "20031016 CSS Vulnerability in Bajie HTTP JServer", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/341452"}, {"name": "3306", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3306"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-1511", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or (3) the cookiename parameter to the CookieExample servlet."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.geocities.com/gzhangx/websrv/docs/security.html", "refsource": "CONFIRM", "url": "http://www.geocities.com/gzhangx/websrv/docs/security.html"}, {"name": "8841", "refsource": "BID", "url": "http://www.securityfocus.com/bid/8841"}, {"name": "10023", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/10023"}, {"name": "20031016 CSS Vulnerability in Bajie HTTP JServer", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/341452"}, {"name": "3306", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3306"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:28:03.607Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.geocities.com/gzhangx/websrv/docs/security.html"}, {"name": "8841", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/8841"}, {"name": "10023", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/10023"}, {"name": "20031016 CSS Vulnerability in Bajie HTTP JServer", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/341452"}, {"name": "3306", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/3306"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-1511", "datePublished": "2007-10-25T19:00:00.000Z", "dateReserved": "2007-10-25T00:00:00.000Z", "dateUpdated": "2024-08-08T02:28:03.607Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bajie:java_http_server:0.95:*:*:*:*:*:*:*", "matchCriteriaId": "C4BB8346-EFEC-434E-95D1-294EC5580CA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:bajie:java_http_server:0.95:d:*:*:*:*:*:*", "matchCriteriaId": "ECE86194-3115-4E9D-AEBF-469E8E79771B", "vulnerable": true}, {"criteria": "cpe:2.3:a:bajie:java_http_server:0.95:zxc:*:*:*:*:*:*", "matchCriteriaId": "67BD5099-B55E-4F03-A54A-F41A3E6CD27E", "vulnerable": true}, {"criteria": "cpe:2.3:a:bajie:java_http_server:0.95:zxe:*:*:*:*:*:*", "matchCriteriaId": "FEE9C18B-0FD3-406C-8967-3D1FB3B2A978", "vulnerable": true}, {"criteria": "cpe:2.3:a:bajie:java_http_server:0.95:zxe1:*:*:*:*:*:*", "matchCriteriaId": "9C106CC8-60B8-4556-A19E-1F7BB7926812", "vulnerable": true}, {"criteria": "cpe:2.3:a:bajie:java_http_server:0.95:zxv4:*:*:*:*:*:*", "matchCriteriaId": "906DEE36-7203-4A9B-9022-F5972C38C471", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or (3) the cookiename parameter to the CookieExample servlet."}], "id": "CVE-2003-1511", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2003-12-31T05:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/10023"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://securityreason.com/securityalert/3306"}, {"source": "cve@mitre.org", "url": "http://www.geocities.com/gzhangx/websrv/docs/security.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/archive/1/341452"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/8841"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/10023"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://securityreason.com/securityalert/3306"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.geocities.com/gzhangx/websrv/docs/security.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/archive/1/341452"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/8841"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}