Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0828


Vulnerability Score 5.1 5.1
CVE Id CVE-2001-0828
Last Modified 10 Sep 2008 03:09:02
Published 06 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE



A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a hyperlink that ends in a .jsp extension, which causes an error message that does not properly quote the Javascript.

Vulnerable Systems


  • Caucho Technology Resin 1.2.2

  • Caucho Technology Resin 1.2.4


CERT-VN - VU#981651

BID - 2981


XF - java-servlet-crosssite-scripting(6793)

OSVDB - 1890

BUGTRAQ - 20010702 Multiple Vendor Java Servlet Container Cross-Site Scripting Vulnerability

Last Updated: 27 May 2016 10:36:24