CVE-2002-0166

Name of the Vulnerable Software and Affected Versions analog versions prior to 5.22

Description The issue allows remote attackers to execute Javascript via an HTTP request containing the script. This script is entered into a web logfile and not properly filtered by analog during display, leading to a cross-site scripting issue.

Recommendations For versions prior to 5.22, update to version 5.22 or later to resolve the issue. As a temporary workaround, consider restricting access to the web logfile to minimize the risk of exploitation.