Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
| Software | From | Fixed in |
|---|---|---|
| netscape / communicator | 4.04 | 4.04.x |
| netscape / communicator | 4.51 | 4.51.x |
| netscape / communicator | - | 4.7.x |