CVE-2004-2102
Description
FREESCO 2.05 and thttpd are vulnerable to XSS via the test parameter in a CGI script, allowing script injection.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
FREESCO 2.05 and thttpd are vulnerable to XSS via the test parameter in a CGI script, allowing script injection.
Vulnerability
A cross-site scripting (XSS) vulnerability exists in FREESCO 2.05, which uses a modified version of the thttpd web server. The vulnerability is located in the CGI test script and is triggered via the test parameter, allowing remote attackers to inject arbitrary web script or HTML [1].
Exploitation
An attacker can exploit this vulnerability by crafting a malicious link to the affected web server that includes hostile HTML and script code in the test parameter. If a victim user clicks this link, the malicious code will be rendered in their web browser [1].
Impact
Successful exploitation of this vulnerability can lead to the execution of arbitrary web script or HTML in the context of the victim's browser. This could result in the theft of cookie-based authentication credentials or other client-side attacks [1].
Mitigation
FREESCO 2.05 and thttpd are affected by this vulnerability. Information regarding a fixed version or specific mitigation steps is not yet disclosed in the available references.
AI Insight generated on Jun 2, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.