CVE-2003-1271

AN HTTP 1.41e - Cross-Site Scripting via URL

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1271. PoCs published by D4rkGr3y.

AI-analyzed exploit summary The exploit describes a cross-site scripting (XSS) vulnerability in AN HTTPD where HTML code is not adequately filtered, allowing remote attackers to execute script code in a user's browser. The example provided demonstrates how a malicious link could be crafted to display arbitrary HTML content.

Description

Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows remote attackers to execute arbitrary web script or HTML as other users via a URL containing the script.

Exploits (1)

exploitdb WRITEUP VERIFIED

by D4rkGr3y · textremotemultiple

https://www.exploit-db.com/exploits/22130

View Code ZIP pw:eip

The exploit describes a cross-site scripting (XSS) vulnerability in AN HTTPD where HTML code is not adequately filtered, allowing remote attackers to execute script code in a user's browser. The example provided demonstrates how a malicious link could be crafted to display arbitrary HTML content.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: AN HTTPD (version not specified)

No auth needed

Prerequisites: A vulnerable version of AN HTTPD · A user visiting a crafted malicious link

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Vendor Advisory mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/305234

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/6529

Third Party Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/10977.php

Scores

EPSS 0.0177

EPSS Percentile 75.3%

Details

Status published

Products (1)

an/an-http 1.41e

Published Dec 31, 2003

Tracked Since Feb 18, 2026