CVE-2002-2246

Name of the Vulnerable Software and Affected Versions: VisNetic Website versions prior to 3.5.15

Description: The issue allows remote attackers to inject arbitrary web script or HTML via the HTTP REFERER variable in the HTTP referer header to a non-existent page. This injected content is then reflected into the resulting 404 error page, potentially leading to cross-site scripting (XSS) attacks.

Recommendations: For versions prior to 3.5.15, update to version 3.5.15 or later to resolve the issue.