CVE
- Id
- 4006
- CVE No.
- CVE-2001-1202
- Status
- Candidate
- Description
- Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error.
- Phase
- Proposed (20020315)
- Votes
- ACCEPT(1) Frech | NOOP(5) Cole, Foat, Green, Wall, Ziese
- Comments
- Green> Change history at the DeleGate is not specific enough to determine if | the java scripting problem has been addressed.