Proxy Web Server XSS

Medium Nessus Plugin ID 11634


The remote proxy server is prone to cross-site scripting attacks.


The remote host is running a proxy web server that fails to adequately sanitize request strings of malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site.


Contact the vendor for a patch or upgrade.

Plugin Details

Severity: Medium

ID: 11634

File Name: proxy_cross_site_scripting.nasl

Version: $Revision: 1.18 $

Type: remote

Family: Web Servers

Published: 2003/05/19

Modified: 2015/02/11

Dependencies: 10582, 17975

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2003/05/14

Reference Information

CVE: CVE-2003-0292

BID: 7596

OSVDB: 6795

CWE: 20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990