CVE-2002-0292

2002-05-31T00:00:00
ID CVE-2002-0292
Type cve
Reporter NVD
Modified 2016-10-17T22:18:30

Description

Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field.