CVE-2002-2378

Nakata AN Httpd - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page.

References (3)

[Patch] http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00387.html

[Patch] http://www.securityfocus.com/bid/6054

[Third Party Advisory] http://www.iss.net/security_center/static/10487.php

Scores

EPSS 0.0040

EPSS Percentile 60.3%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

nakata/an_httpd

Timeline

Published Dec 31, 2002

Tracked Since Feb 18, 2026