7 lines
No EOL
540 B
Text
7 lines
No EOL
540 B
Text
source: http://www.securityfocus.com/bid/5305/info
|
|
|
|
CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow.
|
|
|
|
User supplied data is not sanitized before being included in an unresolved host error page. An attacker may construct a link for a nonexistant subdomain of a valid site, and include malicious JavaScript. If followed, the supplied script code will execute within the context of the requested domain.
|
|
|
|
http://dummy.example.com/<script>EVIL CODE</script> |