6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.933 High
EPSS
Percentile
99.0%
Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a
jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
secunia.com/advisories/7972
www.ciac.org/ciac/bulletins/n-060.shtml
www.debian.org/security/2003/dsa-246
www.osvdb.org/9203
www.osvdb.org/9204
www.securityfocus.com/advisories/5111
www.securityfocus.com/bid/6720
exchange.xforce.ibmcloud.com/vulnerabilities/11196
nvd.nist.gov/vuln/detail/CVE-2003-0044