Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 up to and including 0.95zxv4 allows remote malicious users to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or (3) the cookiename parameter to the CookieExample servlet.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bajie java http server 0.95 |