Netscape Communicator 4.04 up to and including 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote malicious users to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netscape communicator 4.51 |
||
netscape communicator |
||
netscape communicator 4.04 |