VULHUB ™

Bajie HTTP server does not sanitize HTML and script code from error output. Remote attackers could possibly exploit this to construct a malicious link to a vulnerable web server that contains hostile HTML and script code. If this link is followed, the attacker-supplied code could be interpreted in the web browser of the user following the link. This issue was reported in Bajie versions 0.95zxe and 0.95zxc. Other versions may also be affected.

Bajie HTTP server does not sanitize HTML and script code from error output. Remote attackers could possibly exploit this to construct a malicious link to a vulnerable web server that contains hostile HTML and script code. If this link is followed, the attacker-supplied code could be interpreted in the web browser of the user following the link. This issue was reported in Bajie versions 0.95zxe and 0.95zxc. Other versions may also be affected.