Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 up to and including 2.1.2 allow remote malicious users to inject arbitrary web script or HTML via (1) env.jsp, (2) form.jsp, (3) session.jsp, (4) the move parameter to tictactoe.jsp, or the (5) name or (6) comment fields to guestbook.jsp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
caucho technology resin 2.1.1 |
||
caucho technology resin 2.1.12 |
||
caucho technology resin 2.1.2 |
||
caucho technology resin 2.0 |