CVE-2001-1157

Name of the Vulnerable Software and Affected Versions Baltimore Technologies WEBsweeper versions 4.0 through 4.02

Description The issue allows remote attackers to bypass filtering of Javascript from HTML pages. This can be achieved by using an extra leading < and one or more characters before the SCRIPT tag, or by utilizing tags with Unicode.

Recommendations For versions 4.0 through 4.02, consider disabling the processing of Unicode tags and ensure proper filtering of Javascript from HTML pages to mitigate the risk of exploitation.