Vulnerabilities > W3C > Jigsaw > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2274 | Remote URI Parsing vulnerability in W3C Jigsaw Unknown vulnerability in Jigsaw before 2.2.4 has unknown impact and attack vectors, possibly related to the parsing of the URI. | 6.4 |
| 2002-10-04 | CVE-2002-1053 | Cross-Site Scripting vulnerability in W3C Jigsaw 2.2 Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attackers to execute arbitrary script via a URL that contains a reference to a nonexistent host followed by the script, which is included in the resulting error message. network w3c | 6.8 |
| 2002-10-04 | CVE-2002-1052 | Path Disclosure vulnerability in W3C Jigsaw 2.2.1 Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device. | 5.0 |