Cross-Site Scripting Vulnerability in W3C Jigsaw Proxy Server
CVE-2002-1053

Currently unrated

Key Information:

Vendor: W3c
Status: Jigsaw
Vendor: CVE Published:; 4 October 2002

What is CVE-2002-1053?

The W3C Jigsaw Proxy Server prior to version 2.2.1 is susceptible to a cross-site scripting vulnerability that can be exploited by remote attackers. By crafting a URL that points to a nonexistent host and includes malicious script content, an attacker can cause this script to be executed in the context of the user's browser when the server returns an error message. This security flaw underscores the importance of validating user input and properly handling error messages in web applications to prevent unauthorized script execution.

References

http://www.osvdb.org/4015

vdb-entryx_refsource_OSVDB

http://archives.neohapsis.com/archives/bugtraq/2002-08/01...

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/9914.php

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Aug 30, 2002

W3c

What is CVE-2002-1053?

References

Timeline