← CVECheck
HomeVulnerabilities

CVE-2002-1025 — MEDIUM severity vulnerability (JRun 3.0 through 4.0 allows remote attackers to read JSP sou)

JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.

CVE IDCVE-2002-1025
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2002-10-04
Last modified2026-04-16
DescriptionJRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →