CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2003-0413

Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitrary web script or HTML via an HTTP request that generates an "Invalid JSP file" error, which inserts the text in the resulting error message.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.017

EPSS Ranking 81.2%

CVSS Severity

CVSS v2 Score 6.8

References

http://marc.info/?l=bugtraq&m=105409846029475&w=2
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F55221&zone_32=category%3Asecurity
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57605
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201009-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000610.1-1
http://www.ciac.org/ciac/bulletins/n-103.shtml
http://www.iss.net/security_center/static/12095.php
http://www.securityfocus.com/bid/7710
http://www.spidynamics.com/sunone_alert.html
http://marc.info/?l=bugtraq&m=105409846029475&w=2
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F55221&zone_32=category%3Asecurity
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57605
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201009-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000610.1-1
http://www.ciac.org/ciac/bulletins/n-103.shtml
http://www.iss.net/security_center/static/12095.php
http://www.securityfocus.com/bid/7710
http://www.spidynamics.com/sunone_alert.html

Products affected by CVE-2003-0413

Sun » One Application Server » Version: 7.0

cpe:2.3:a:sun:one_application_server:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-0413

Products

Pricing

Contact Us