2 matches found
CVE-2008-0409
CVE-2008-0409 describes a cross-site scripting (XSS) vulnerability in HTTP File Server (HFS) prior to 2.2c. The issue arises from how the server handles the userinfo subcomponent of a URL, allowing remote attackers to inject arbitrary web script or HTML into responses. Affected product: HFS (HTTP...
Syhunt: HFS (HTTP File Server) Template Cross-Site Scripting and Information Disclosure Vulnerabilities
Syhunt: HFS HTTP File Server Template Cross-Site Scripting and Information Disclosure Vulnerabilities Advisory-ID: 200801161 Discovery Date: 1.16.2008 Release Date: 1.23.2008 Affected Applications: HFS 2.0 to and including 2.3Beta Build 174 Non-Affected Applications: HFS 1.6a and earlier versions...