Cross-Site Scripting Vulnerability in IBM Web Traffic Express Caching Proxy Server
CVE-2002-1167

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Caching Proxy Server
Vendor: CVE Published:; 4 November 2002

Summary

A cross-site scripting (XSS) vulnerability exists in IBM Web Traffic Express Caching Proxy Server versions 3.6 and 4.x prior to 4.0.1.26. This flaw enables remote attackers to execute malicious scripts in the context of other users by crafting a specially crafted HTTP GET request, potentially leading to unauthorized actions or data breaches. Users running vulnerable versions are strongly advised to apply security updates promptly to mitigate this risk.

References

http://www.securityfocus.com/bid/6000

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/10453.php

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Nov 4, 2002
Vulnerability Reserved
Sep 27, 2002