VULHUB ™

Monkey HTTP Daemon ships with a sample script that is prone to cross-site scripting attacks. User-supplied input to these scripts via HTTP requests are not sanitized of HTML or script code before being echoed back in a web page. A remote attacker could take advantage of this issue to cause hostile HTML or script code to be rendered in the browser of a user who visits a malicious link to the sample script. It should be noted that the 'index.php' sample script may also be prone to the issue described in BID 7805 "PHP PHPInfo Cross-Site Scripting Vulnerability".

Monkey HTTP Daemon ships with a sample script that is prone to cross-site scripting attacks. User-supplied input to these scripts via HTTP requests are not sanitized of HTML or script code before being echoed back in a web page. A remote attacker could take advantage of this issue to cause hostile HTML or script code to be rendered in the browser of a user who visits a malicious link to the sample script. It should be noted that the 'index.php' sample script may also be prone to the issue described in BID 7805 "PHP PHPInfo Cross-Site Scripting Vulnerability".