Description

Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.

Remediation

References

CVE-2000-1210

Related Vulnerabilities

Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2641)

ClipBucket Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3717)

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29527)

WordPress Plugin External 'Video for Everybody' Cross-Site Scripting (2.0)

WordPress Plugin Event Registration Multiple Vulnerabilities (6.02.03)

Severity

Medium

Classification

CVE-2000-1210

Tags

Missing Update Known Vulnerabilities