Tmax Soft JEUS 3.1.4 p1 URL.JSP Cross-Site Scripting Vulnerability

2003-06-17T00:00:00
ID EDB-ID:22805
Type exploitdb
Reporter Jeremy Bae
Modified 2003-06-17T00:00:00

Description

Tmax Soft JEUS 3.1.4 p1 URL.JSP Cross-Site Scripting Vulnerability. Webapps exploit for jsp platform

                                        
                                            source: http://www.securityfocus.com/bid/7969/info

Reportedly, Tmax Soft JEUS is vulnerable to a cross site-scripting attack. The vulnerability is present in the url.jsp script of the Tmax Soft JEUS server.

An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link.

It should be noted that although this vulnerability has been reported to affect Tmax Soft JEUS version 3.1.4p1, all version prior to release 3.2.2 are also reported vulnerable.

http://www.example.com/url.jsp?foo=<script>alert('XSS vulnerability exists!')</script>