This page lists publicly disclosed CVE vulnerabilities affecting w3c jigsaw (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2004-2274 | Unknown vulnerability in Jigsaw before 2.2.4 has unknown impact and attack vectors, possibly related to the parsing of the URI. | [email protected] | 6.4 | 1.31% | 2004-12-31 | 2026-06-16 |
| CVE-2002-1053 | Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attackers to execute arbitrary script via a URL that contains a reference to a nonexistent host followed by the script, which is included in the resulting error message. | [email protected] | 6.8 | 2.09% | 2002-10-04 | 2026-06-16 |
| CVE-2002-1052 | Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device. | [email protected] | 5.0 | 2.83% | 2002-10-04 | 2026-06-16 |