header-logo
Suggest Exploit
vendor:
GoAhead WebServer
by:
SecurityFocus
7.5
CVSS
HIGH
Cross-Site Scripting
79
CWE
Product Name: GoAhead WebServer
Affected Version From: GoAhead WebServer 2.1
Affected Version To: GoAhead WebServer 2.1
Patch Exists: YES
Related CWE: CVE-2002-0991
CPE: 2.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2002

A vulnerability has been reported for GoAhead WebServer 2.1

GoAhead WebServer 2.1 is vulnerable to Cross-Site Scripting attacks due to unsanitized requested URLs when displaying a 404 error page. An attacker may be able to trick a user into following a link which includes malicious script code, and executing the attack.

Mitigation:

Users should avoid following links from untrusted sources.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5198/info

A vulnerability has been reported for GoAhead WebServer 2.1. Reportedly, it is possible for attackers to launch cross site scripting attacks against vulnerable systems.

GoAhead WebServer includes unsanitized requested URLs when displaying a 404 error page. An attacker may be able to trick a user into following a link which includes malicious script code, and executing the attack. 

GoAhead-server/SCRIPTalert(document.domain)/SCRIPT

Navigation

Suggest Exploit

Services By CQR