CVE-2001-0926

3 documents3 sources
Severity
5.0MEDIUM
EPSS
3.2%
top 12.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Macromedia Jrun
Timeline
PublishedNov 28
Latest updateApr 30

Description

SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers to obtain source code for Java server pages (.jsp) and other files in the web root via an HTTP request for a non-existent SSI page, in which the request's body has an #include statement.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDmacromedia/jrun2.3.3, 3.0, 3.1+2

Patches

Patch: www.macromedia.comPatch: www.securityfocus.comPatch: www.macromedia.com

🔴Vulnerability Details

2
GHSA
GHSA-686x-96mh-c8qp: SSIFilter in Allaire JRun 32022-04-30
CVEList
CVE-2001-0926: SSIFilter in Allaire JRun 32002-02-02
CVE-2001-0926 (MEDIUM CVSS 5) | SSIFilter in Allaire JRun 3.1 | cvebase.io