Unrated severityNVD Advisory· Published Mar 7, 2003· Updated Apr 16, 2026

CVE-2003-0053

Description

Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message.

Affected products

Apple Inc./Darwin Streaming Server
cpe:2.3:a:apple:darwin_streaming_server:4.1.2:*:*:*:*:*:*:*
Apple Inc./Quicktime Streaming Server
cpe:2.3:a:apple:quicktime_streaming_server:4.1.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.iss.net/security_center/static/11404.phpnvdVendor Advisory
lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txtnvd
marc.infonvd
www.securityfocus.com/bid/6958nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000