Lucene search

[email protected]CVE-2002-0682

HistoryJul 23, 2002 - 4:00 a.m.

CVE-2002-0682

2002-07-2304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

apache tomcat

cross-site scripting

vulnerability

nvd

6.6 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.5%

JSON

Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.

CPENameOperatorVersion
apache:tomcatapache tomcateq4.0.3

CPE	Name	Operator	Version
apache:tomcat	apache tomcat	eq	4.0.3

References

archives.neohapsis.com/archives/vulnwatch/2002-q3/0014.html

marc.info/?l=bugtraq&m=102631703811297&w=2

www.osvdb.org/4973

www.securityfocus.com/bid/5193

exchange.xforce.ibmcloud.com/vulnerabilities/9520

lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

6.6 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.5%

JSON

Related for CVE-2002-0682

openvas1 nessus1 tomcat1