httpXSS.txt

2005-09-22T00:00:00
ID PACKETSTORM:40152
Type packetstorm
Reporter Josh Zlatin
Modified 2005-09-22T00:00:00

Description

                                        
                                            `The following web servers do not properly sanitize their output when  
returning a 404 resource not found error which could be used in a XSS  
attack:  
Orion 1.3.8   
Orion 1.4.5   
CompaqHTTPServer 2.1  
  
PoC: http://localhost/<script>alert('XSS')</script>  
  
--  
- Josh  
`