VULHUB ™

The W3C Jigsaw project includes a HTTP proxy server written in Java. When the proxy server cannot successfully resolve a fully qualified domain name, an error page is served to the client. The requested URL is included in the content of this page without being adequately sanitized. Consequently, embedded script code may execute within the context of the requested URL (and it's domain). Exploitation may result in theft of cookie information or impersonation of websites associated with the domain.

The W3C Jigsaw project includes a HTTP proxy server written in Java. When the proxy server cannot successfully resolve a fully qualified domain name, an error page is served to the client. The requested URL is included in the content of this page without being adequately sanitized. Consequently, embedded script code may execute within the context of the requested URL (and it's domain). Exploitation may result in theft of cookie information or impersonation of websites associated with the domain.