Arbitrary Script Execution via Nonexistent Host Reference in W3C Jigsaw Proxy Server

Arbitrary Script Execution via Nonexistent Host Reference in W3C Jigsaw Proxy Server

CVE-2002-1053 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attackers to execute arbitrary script via a URL that contains a reference to a nonexistent host followed by the script, which is included in the resulting error message.

Learn more about our Cis Benchmark Audit For Server Software.