Lucene search

[email protected]CVE-2002-1453

HistoryMar 18, 2003 - 5:00 a.m.

CVE-2002-1453

2003-03-1805:00:00

[email protected]

web.nvd.nist.gov

cve-2002-1453

cross-site scripting

xss

mywebserver 1.0.2

remote attackers

html

script

error message

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.2%

JSON

Cross-site scripting (XSS) vulnerability in MyWebServer 1.0.2 allows remote attackers to insert script and HTML via a long request followed by the malicious script, which is echoed back to the user in an error message.

Affected configurations

NVD

Node

mywebservermywebserverMatch1.0.2

CPENameOperatorVersion
mywebserver:mywebservermywebservereq1.0.2

CPE	Name	Operator	Version
mywebserver:mywebserver	mywebserver	eq	1.0.2

References

archives.neohapsis.com/archives/vulnwatch/2002-q3/0077.html

marc.info/?l=bugtraq&m=102935720109934&w=2

www.iss.net/security_center/static/9861.php

www.securityfocus.com/bid/5470

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.2%

JSON

Related for CVE-2002-1453

cvelist1 nvd1