A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a hyperlink that ends in a .jsp extension, which causes an error message that does not properly quote the Javascript.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Resin | Caucho_technology | * | 1.2.4 (including) |
Resin | Caucho_technology | 1.2.2 (including) | 1.2.2 (including) |