CVE-2005-4502
httprint v202 - Cross-Site Scripting via Server Field in HTTP Response
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-4502. PoCs published by Mariano Nunez Di Croce.
AI-analyzed exploit summary The code describes two vulnerabilities in httprint version 202: a cross-site scripting (XSS) vulnerability via the SecServerSignature field and a denial-of-service (DoS) issue. The example demonstrates how an attacker could inject arbitrary HTML and script code into a user's browser.
Description
Cross-site scripting (XSS) vulnerability in httprint v202, and possibly other versions before v301, allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response, which is not sanitized before being displayed to the user.
Exploits (1)
The code describes two vulnerabilities in httprint version 202: a cross-site scripting (XSS) vulnerability via the SecServerSignature field and a denial-of-service (DoS) issue. The example demonstrates how an attacker could inject arbitrary HTML and script code into a user's browser.