Unknown vulnerability in Jigsaw before 2.2.4 has unknown impact and attack vectors, possibly related to the parsing of the URI.
Max CVSS
6.4
EPSS Score
0.59%
Published
2004-12-31
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attackers to execute arbitrary script via a URL that contains a reference to a nonexistent host followed by the script, which is included in the resulting error message.
Max CVSS
6.8
EPSS Score
1.03%
Published
2002-10-04
Updated
2008-09-05
Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.
Max CVSS
5.0
EPSS Score
1.74%
Published
2002-10-04
Updated
2016-10-18
3 vulnerabilities found