← CVECheck
HomeVulnerabilities

CVE-2001-1084 — HIGH severity vulnerability (Cross-site scripting vulnerability in Allaire JRun 3.0 and 2)

Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message.

CVE IDCVE-2001-1084
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-07-02
Last modified2026-04-16
DescriptionCross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →