CVE-2004-1477

Severity

43%

Complexity

86%

Confidentiality

48%

Cross-site scripting (XSS) vulnerability in the Management Console in JRun 4.0 allows remote attackers to execute arbitrary web script or HTML and possibly hijack a user's session.

Cross-site scripting (XSS) vulnerability in the Management Console in JRun 4.0 allows remote attackers to execute arbitrary web script or HTML and possibly hijack a user's session.

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N).

Overview

Type

Macromedia JRun

First reported 20 years ago

2004-12-31 05:00:00

Last updated 7 years ago

2017-07-11 01:31:00

Affected Software

Macromedia JRun 3.0

3.0

Macromedia JRun 3.1

3.1

Macromedia JRun 4.0

4.0

References

20040923 New Macromedia Security Zone Bulletins Posted

12638

VU#668206

Patch, Third Party Advisory, US Government Resource

http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html

Patch, Vendor Advisory

11245

Patch

jrun-management-console-xss(17483)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.