Cross-Site Scripting Vulnerability in CERN Proxy Server
CVE-2002-1445

Currently unrated

Key Information:

Vendor: W3c
Status: Cern Httpd
Vendor: CVE Published:; 12 August 2002

What is CVE-2002-1445?

The CERN Proxy Server is susceptible to a Cross-Site Scripting (XSS) vulnerability that allows remote attackers to inject executable scripts into web pages viewed by users. This occurs through manipulated links to non-existent pages that, when accessed, return an error page containing the malicious script. This oversight can lead to unauthorized script execution in the context of another user, posing significant security risks.

References

http://archives.neohapsis.com/archives/bugtraq/2002-08/00...

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/5447

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/9834.php

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Feb 5, 2003
Vulnerability published
Aug 12, 2002

W3c

What is CVE-2002-1445?

References

Timeline