Cross-Site Scripting In Cherokee Error Pages Network Vulnerability

Summary

The remote web server is vulnerable to a cross-site scripting issue. Description : The remote host is running Cherokee - a fast and tiny web server. Due to a lack of sanitization from the user input, The remote version of this software is vulnerable to cross-site scripting attacks due to lack of sanitization in returned error pages.

Solution

Upgrade to Cherokee 0.4.8 or newer.

Severity

Classification

CVE CVE-2004-2171
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

iWeb Server URL Directory Traversal Vulnerability
Cross-Site Scripting in Cherokee Error Pages
IBM WebSphere Application Server (WAS) Security Bypass Vulnerability
Apache HTTP Server Scoreboard Security Bypass Vulnerability (Windows)
LiteSpeed Web Server Source Code Information Disclosure Vulnerability

Take action and discover your vulnerabilities