Vulnerability Details CVE-2002-2378
Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.9%
CVSS Severity
CVSS v2 Score 4.3
References
- http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00387.html
- http://www.iss.net/security_center/static/10487.php
- http://www.securityfocus.com/bid/6054
- http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00387.html
- http://www.iss.net/security_center/static/10487.php
- http://www.securityfocus.com/bid/6054