Lucene search

MitreCVE-2002-0458

HistoryAug 12, 2002 - 4:00 a.m.

CVE-2002-0458

2002-08-1204:00:00

mitre

web.nvd.nist.gov

cve-2002-0458

news-tnk 1.2.1

cross-site scripting

xss

remote attack

javascript

nvd

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

0.013

Percentile

85.8%

JSON

Cross-site scripting vulnerability in News-TNK 1.2.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter.

Affected configurations

Nvd

Node

linux-sottisesnews-tnkRange≤1.2.2

VendorProductVersionCPE
linux-sottisesnews-tnk*cpe:2.3:a:linux-sottises:news-tnk:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux-sottises	news-tnk	*	cpe:2.3:a:linux-sottises:news-tnk::::::::

References

archives.neohapsis.com/archives/bugtraq/2002-03/0206.html

translate.google.com/translate?u=http%3A%2F%2Fwww.linux-sottises.net%2Findex.php%3Fnews_init%3D13%23newstag&langpair=fr%7Cen&hl=en&ie=UTF8&oe=UTF8&prev=%2Flanguage_tools

www.iss.net/security_center/static/8477.php

www.linux-sottises.net/software/news-tnk/CHANGES

www.securityfocus.com/bid/14145

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

0.013

Percentile

85.8%

JSON

Related for CVE-2002-0458