CVE-2002-2192

Name of the Vulnerable Software and Affected Versions: Perception LiteServe version 2.0.1

Description: A cross-site scripting (XSS) issue allows remote attackers to execute arbitrary web script. This can be achieved via the Host: header when DNS wildcards are supported or through the query string in a "dir" request to indexed folders.

Recommendations: For Perception LiteServe version 2.0.1, consider disabling the ability to process arbitrary query strings in "dir" requests to indexed folders as a temporary workaround until a patch is available. Restrict access to the Host: header when DNS wildcards are supported to minimize the risk of exploitation.