Vulnerabilities (CVE)

Filtered by vendor W3c Subscribe
Filtered by product Jigsaw
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-2274 1 W3c 1 Jigsaw 2024-11-20 6.4 MEDIUM N/A
Unknown vulnerability in Jigsaw before 2.2.4 has unknown impact and attack vectors, possibly related to the parsing of the URI.
CVE-2002-1053 1 W3c 1 Jigsaw 2024-11-20 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attackers to execute arbitrary script via a URL that contains a reference to a nonexistent host followed by the script, which is included in the resulting error message.
CVE-2002-1052 1 W3c 1 Jigsaw 2024-11-20 5.0 MEDIUM N/A
Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.