Lucene search

[email protected]CVE-2001-1441

HistoryApr 21, 2005 - 4:00 a.m.

CVE-2001-1441

2005-04-2104:00:00

[email protected]

web.nvd.nist.gov

cve-2001-1441

xss vulnerability

visualage for java

remote attack

javascript

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.1%

JSON

Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Professional allows remote attackers to execute JavaScript on other clients via the URL, which injects the script in the resulting error message.

Affected configurations

NVD

Node

ibmvisualage_for_javaMatch3.5pro

CPENameOperatorVersion
ibm:visualage_for_javaibm visualage for javaeq3.5

CPE	Name	Operator	Version
ibm:visualage_for_java	ibm visualage for java	eq	3.5

References

archive.cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00021.html

www.kb.cert.org/vuls/id/270083

exchange.xforce.ibmcloud.com/vulnerabilities/6793

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.1%

JSON

Related for CVE-2001-1441

cvelist1 nvd1