CVE-2002-0494

Name of the Vulnerable Software and Affected Versions WebSight Directory System version 0.1

Description A cross-site scripting issue allows remote attackers to execute arbitrary Javascript, potentially gaining access to the WebSight administrator. This can be achieved by submitting a new link with the malicious script in the website name.

Recommendations For WebSight Directory System version 0.1, consider validating and sanitizing user input for website names to prevent the execution of arbitrary Javascript code. As a temporary workaround, restrict access to the link submission feature until a proper fix is applied.