PT-2000-1961 · Allaire · Jrun
Published
2000-12-11
·
Updated
2016-10-18
·
CVE-2000-1052
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Allaire JRun version 2.3
Description
The issue allows remote attackers to obtain source code for executable content by directly calling the SSIFilter servlet.
Recommendations
For version 2.3, consider restricting access to the SSIFilter servlet as a temporary workaround until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Jrun