CVE-2002-2378

Name of the Vulnerable Software and Affected Versions AN HTTP version 1.41d

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page.

Recommendations For version 1.41d, consider restricting access to the query string to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using colons (:) in query strings to prevent the injection of malicious scripts.