Vulnerabilities > CVE-2001-0829 - Cross-Site Scripting vulnerability in Apache Tomcat 3.2.1
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | Web Servers |
| NASL id | TOMCAT_3_2_2.NASL |
| description | The instance of Apache Tomcat 3.x listening on the remote host is affected by a cross-site scripting vulnerability. An attacker is able to embed JavaScript into a request for a JSP file creating an error condition. The request is not sanitized before being displayed on the application error page. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 50448 |
| published | 2010-11-02 |
| reporter | This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/50448 |
| title | Apache Tomcat 3.x < 3.2.2 JSP Error Condition XSS |