CVE-2001-0829
Apache Tomcat 3.2.1 - Cross-Site Scripting via JSP Error Message
Title source: llmDescription
A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.
References (3)
Core 3
Core References
Patch, Vendor Advisory x_refsource_misc
http://jakarta.apache.org/tomcat/tomcat-3.2-doc/readme
Various Sources mailing-list
x_refsource_bugtraq
http://archive.cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00021.html
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/2982
Scores
EPSS
0.1382
EPSS Percentile
96.1%
Details
Status
published
Products (2)
apache/tomcat
3.2.1
org.apache.tomcat/tomcat
0Maven
Published
Dec 06, 2001
Tracked Since
Feb 18, 2026