3 matches found
CVE-2001-1121
CVE-2001-1121 is a duplicate of CVE-2001-1084; connected data provide concrete details for CVE-2001-1084: Cross-site scripting in Allaire JRun 3.0 and 2.3.3. A malicious webmaster can embed JavaScript in a request targeting a non-existent file (.JSP, .shtml, .jsp10, .jrun, or .thtml), causing the...
CVE-2001-1084
Affected software: Allaire JRun 3.0 and 2.3.3. Vulnerability: cross-site scripting via error messages when a request targets non-existent files (.JSP, .shtml, .jsp10, .jrun, .thtml). Root cause: uploaded/embedded Javascript from attacker is echoed into an error page, enabling script execution. Im...
CVE-2001-1084
Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message...