CVE-2002-2318
Blueface Falcon Web Server - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Matt Murphy · textremotewindows
https://www.exploit-db.com/exploits/21698
Scores
EPSS
0.0056
EPSS Percentile
68.1%
Classification
CWE
CWE-79
Status
draft
Affected Products (4)
blueface/falcon_web_server
blueface/falcon_web_server
blueface/falcon_web_server
blueface/falcon_web_server
Timeline
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026