Secunia Reports Cross-Site Scripting Vulnerability in JRun

Secunia Advisories reported that some vulnerabilities have been identified in Macromedia JRun, which can be exploited by malicious people to conduct Cross-Site Scripting attacks.

The vulnerabilities are caused due to missing input validation in "clusterframe.jsp" and "webserverlist.jsp", which are accessible via the JMC interface. This can be exploited to execute arbitrary script code in a user's browser session by tricking the user into visiting a malicious website or clicking a specially crafted link.

To find out more, see the Secunia Advisory below:

Macromedia JRun JMC Interface Cross-Site Scripting Vulnerabilities (Secunia Advisories, November 28, 2003)

• Subscribe
• RSS

• Editorial
• Specials
• Community
• News
• Tech and Tags
• Views
• Reviews
• Techniques
• Security
• Best of ColdFusion Talk
• Knowledge Base
• Blog Watch

• Tipical Charlie