CVE-2001-1157 Information

Description

Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly filter Javascript from HTML pages which could allow remote attackers to bypass the filtering via (1) an extra leading and one or more characters before the SCRIPT tag or (2) tags using Unicode.

Reference

http://www.securityfocus.com/archive/1/203821 http://www.securityfocus.com/bid/3172 http://www.securityfocus.com/bid/3173