Lucene search
HistoryMay 16, 2002 - 4:00 a.m.
CVE-2002-0217
cve-2002-0217
xss vulnerability
xoops 1.0 rc1
js execution
pmlite.php
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
High
0.014 Low
EPSS
Percentile
86.7%
Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php.
Affected configurations
Node
xoopsxoopsMatch1.0_rc1
| CPE | Name | Operator | Version |
|---|---|---|---|
| xoops:xoops | xoops | eq | 1.0_rc1 |
Related
seebug
seebug
XoopsδΈͺδΊΊζΆζ―η³»η»θ·¨η«θζ¬ζ§θ‘(CSS/XSS)ζΌζ΄
2008-10-25 00:00:00
cvelist
cvelist
CVE-2002-0217
2002-05-03 04:00:00
nvd
nvd
CVE-2002-0217
2002-05-16 04:00:00
nessus
nessus
XOOPS 1.0 RC1 Multiple Vulnerabilities
2003-03-22 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
High
0.014 Low
EPSS
Percentile
86.7%
Related for CVE-2002-0217