CVE-2002-1681

UNKNOWN

Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph <P> tag

Published Jun 21, 2005

Modified 1 years ago

No fix available

Details

Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph <P> tag.

References

WEBhttp://online.securityfocus.com/archive/1/280218 WEBhttp://online.securityfocus.com/archive/1/280255 WEBhttp://www.securityfocus.com/bid/5140 WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/9473 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2002-1681

CVSS Analysis

CVSS v2.0

6.8

Exploitability

Access Vector

NetworkAV:N

Access Complexity

MediumAC:M

Authentication

NoneAu:N

Impact

Confidentiality

PartialC:P

Integrity

PartialI:P

Availability

PartialA:P

6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P

Ecosystems

Timeline

PublishedJun 21, 2005

ModifiedAug 8, 2024