CVE-2003-1511 Information

Description

Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt (2) the guestName parameter to the custMsg servlet or (3) the cookiename parameter to the CookieExample servlet.

Reference

http://secunia.com/advisories/10023 http://securityreason.com/securityalert/3306 http://www.geocities.com/gzhangx/websrv/docs/security.html http://www.securityfocus.com/archive/1/341452 http://www.securityfocus.com/bid/8841