CVE-2001-0829

Apache Tomcat 3.2.1 - Cross-Site Scripting via JSP Error Message

Title source: llm
STIX 2.1

Description

A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.

References (3)

Core 3
Core References
Patch, Vendor Advisory x_refsource_misc
http://jakarta.apache.org/tomcat/tomcat-3.2-doc/readme
Various Sources mailing-list x_refsource_bugtraq
http://archive.cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00021.html
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2982

Scores

EPSS 0.1382
EPSS Percentile 96.1%

Details

Status published
Products (2)
apache/tomcat 3.2.1
org.apache.tomcat/tomcat 0Maven
Published Dec 06, 2001
Tracked Since Feb 18, 2026