6.8

CVE-2003-0044

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheTomcat Version3.0
ApacheTomcat Version3.1
ApacheTomcat Version3.1.1
ApacheTomcat Version3.2
ApacheTomcat Version3.2.1
ApacheTomcat Version3.2.3
ApacheTomcat Version3.2.4
ApacheTomcat Version3.3
ApacheTomcat Version3.3.1
ApacheTomcat Version3.3.1a
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 9.13% 0.947
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/
Vendor Advisory
http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt
Vendor Advisory
http://secunia.com/advisories/7972
http://www.ciac.org/ciac/bulletins/n-060.shtml
http://www.debian.org/security/2003/dsa-246
Patch
Vendor Advisory
http://www.securityfocus.com/advisories/5111
http://www.osvdb.org/9203
http://www.osvdb.org/9204
http://www.securityfocus.com/bid/6720
https://exchange.xforce.ibmcloud.com/vulnerabilities/11196