Lucene search

[email protected]CVE-2002-0117

HistoryMar 25, 2002 - 5:00 a.m.

CVE-2002-0117

2002-03-2505:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cybersecurity

xss

vulnerability

remote attack

scripts

yet another bulletin board

javascript

img tag

7.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.094 Low

EPSS

Percentile

94.6%

JSON

Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.

CPENameOperatorVersion
yabb:yabbyabbeq2000-09-11
yabb:yabbyabbeq2000-09-01
yabb:yabbyabbeq0.01_release
yabb:yabbyabbeq0.01_sp1

CPE	Name	Operator	Version
yabb:yabb	yabb	eq	2000-09-11
yabb:yabb	yabb	eq	2000-09-01
yabb:yabb	yabb	eq	0.01_release
yabb:yabb	yabb	eq	0.01_sp1

References

online.securityfocus.com/archive/1/249031

online.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3828

www.iss.net/security_center/static/7840.php

www.osvdb.org/2019

www.yabbforum.com/

7.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.094 Low

EPSS

Percentile

94.6%

JSON