Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2002-1167

Publish Date: 23 Oct 2002

Author: Rapid7

                source: http://www.securityfocus.com/bid/6000/info

A vulnerability has been discoverered in the Caching Proxy component bundled with the IBM Websphere Edge Server.

It has been reported that the Caching Proxy is vulnerable to cross site scripting attacks. Due to insufficient sanitization of user-supplied input it is possible for an attacker to construct a malicious link which contains arbitrary HTML and script code, which will be executed in the web client of a user who visits the malicious link.

Attacks of this nature may make it possible for attackers to steal cookie-based authentication credentials.

Request the following path from the caching proxy server:

/"&gt;&lt;img%20src="javascript:alert(document.domain)"&gt;

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

IBM Websphere Edge Server 3.6/4.0 - Cross-Site Scripting

Vulmon Search

About

Products

Connect