CVE-2002-1167

IBM Web Traffic Express <4.0.1.26 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP GET request.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Rapid7 · textremoteunix

https://www.exploit-db.com/exploits/21947

View Code ZIP pw:eip

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/6000

Vendor Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/10453.php

Scores

EPSS 0.0441

EPSS Percentile 89.1%

Details

Status published

Products (2)

ibm/websphere_caching_proxy_server 3.6

ibm/websphere_caching_proxy_server 4.0

Published Nov 04, 2002

Tracked Since Feb 18, 2026