CacheFlow CacheOS 3.1.x/4.0.x/4.1 Unresolved Domain Cross Site Scripting Vulnerability

ID SSV:75473
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow.

User supplied data is not sanitized before being included in an unresolved host error page. An attacker may construct a link for a nonexistant subdomain of a valid site, and include malicious JavaScript. If followed, the supplied script code will execute within the context of the requested domain.<script>EVIL CODE</script>