CVE-2003-0044

EPSS 27.29%
Published 07.02.2003 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.

Affected products Warnungen 0 Metrics 2 CWE 0 References 13

Data is provided by the National Vulnerability Database (NVD)

Apache ≫ Tomcat Version3.0

Apache ≫ Tomcat Version3.1

Apache ≫ Tomcat Version3.1.1

Apache ≫ Tomcat Version3.2

Apache ≫ Tomcat Version3.2.1

Apache ≫ Tomcat Version3.2.3

Apache ≫ Tomcat Version3.2.4

Apache ≫ Tomcat Version3.3

Apache ≫ Tomcat Version3.3.1

Apache ≫ Tomcat Version3.3.1a

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	27.29%	0.962

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/

Vendor Advisory

http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt

Vendor Advisory

http://secunia.com/advisories/7972

http://www.ciac.org/ciac/bulletins/n-060.shtml

http://www.debian.org/security/2003/dsa-246

Patch

Vendor Advisory

http://www.securityfocus.com/advisories/5111

http://www.osvdb.org/9203

http://www.osvdb.org/9204

http://www.securityfocus.com/bid/6720

https://exchange.xforce.ibmcloud.com/vulnerabilities/11196

https://nvd.nist.gov/vuln/detail/CVE-2003-0044

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2003-0044

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2003-0044

EUVD