CVE-2002-2192

2022-10-0316:23:49

mitre

www.cve.org

cross-site scripting

perception liteserve

remote attackers

arbitrary web script

dns wildcards

indexed folders

6.2 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.4%

JSON

Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 allows remote attackers to execute arbitrary web script via (1) a Host: header when DNS wildcards are supported or (2) the query string in a “dir” request to indexed folders.

References

archives.neohapsis.com/archives/vulnwatch/2002-q4/0063.html

online.securityfocus.com/archive/1/298987

www.iss.net/security_center/static/10561.php

www.securityfocus.com/bid/6131

www.securityfocus.com/bid/6143