Baltimore Technologies: >> Websweeper >> 4.0 Security Vulnerabilities
Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly filter Javascript from HTML pages, which could allow remote attackers to bypass the filtering via (1) an extra leading < and one or more characters before the SCRIPT tag, or (2) tags using Unicode.
CVSS Score
7.5
EPSS Score
0.004
Published
2001-08-12
Websweeper 4.0 does not limit the length of certain HTTP headers, which allows remote attackers to cause a denial of service (memory exhaustion) via an extremely large HTTP Referrer: header.
CVSS Score
5.0
EPSS Score
0.034
Published
2001-06-27