Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbT.SuzukiEDB-ID:21649
HistoryJul 24, 2002 - 12:00 a.m.

Cacheflow CacheOS 3.1.x/4.0.x/4.1 - Unresolved Domain Cross-Site Scripting

2002-07-2400:00:00
T.Suzuki
www.exploit-db.com
23

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/5305/info

CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow.

User supplied data is not sanitized before being included in an unresolved host error page. An attacker may construct a link for a nonexistant subdomain of a valid site, and include malicious JavaScript. If followed, the supplied script code will execute within the context of the requested domain.

http://dummy.example.com/<script>EVIL CODE</script>

Related

cvelist 1
nvd 1
cve 1
nessus 1
cvelist
cvelist
CVE-2002-1060
2003-04-02 05:00:00
nvd
nvd
CVE-2002-1060
2002-10-04 04:00:00
cve
cve
CVE-2002-1060
2003-04-02 05:00:00
nessus
nessus
Web Server Generic XSS
2001-11-30 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:21649
cvelist1nvd1cve1nessus1