Lucene search

K
cve[email protected]CVE-2002-0955
HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-0955

2002-10-0404:00:00
NVD-CWE-Other
web.nvd.nist.gov
24
cve-2002-0955
cross-site scripting
vulnerability
yabb.cgi
web security
remote attack

6.9 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.031 Low

EPSS

Percentile

90.8%

Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message.

CPENameOperatorVersion
yabb:yabbyabbeq1_gold_sp_1

6.9 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.031 Low

EPSS

Percentile

90.8%

Related for CVE-2002-0955