Vulnerabilities > CVE-2001-1157 - Unspecified vulnerability in Baltimore Technologies Websweeper 4.0/4.02
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly filter Javascript from HTML pages, which could allow remote attackers to bypass the filtering via (1) an extra leading < and one or more characters before the SCRIPT tag, or (2) tags using Unicode.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 |