MLdonkey 2.5-4 - Cross-Site Scripting

Author: Chris Sharp
type: remote
platform: multiple
port: 
date_added: 2003-10-31 
date_updated: 2017-02-14 
verified: 1 
codes: CVE-2003-1164;OSVDB-2769 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/8946/info

It has been reported that the Mldonkey web interface is prone to cross-site scripting attacks when reporting errors. The problem occurs due to insufficient sanitization of script code within requests. This could potentially allow an attacker to carry out a variety of attacks on a user.

http://127.0.0.1:4080/<script>...</script>