Unrated severityNVD Advisory· Published Dec 11, 2000· Updated Jun 16, 2026
CVE-2000-1050
CVE-2000-1050
Description
Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash").
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:macromedia:jrun:3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:macromedia:jrun:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:jrun:3.0:sp1:*:*:*:*:*:*
- Range: =3.0
Patches
Vulnerability mechanics
References
4- www.allaire.com/handlers/index.cfmnvdPatchVendor Advisory
- marc.infonvd
- www.osvdb.org/500nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/5407nvd
News mentions
0No linked articles in our index yet.