Macromedia » Jrun : Security Vulnerabilities, CVEs, (XSS)
Cross-site scripting (XSS) vulnerability in the Management Console in JRun 4.0 allows remote attackers to execute arbitrary web script or HTML and possibly hijack a user's session.
Max CVSS
4.3
EPSS Score
0.44%
Published
2004-12-31
Updated
2017-07-11
Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message.
Max CVSS
7.5
EPSS Score
1.00%
Published
2001-07-02
Updated
2017-10-10
Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet.
Max CVSS
10.0
EPSS Score
2.82%
Published
2000-12-11
Updated
2017-12-19
3 vulnerabilities found