Lucene search

[email protected]CVE-2002-1965

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-1965

2002-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2002-1965

cross-site scripting

xss

imatix xitami

vulnerability

web security

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

74.5%

JSON

Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix Xitami 2.5b4 and 2.5b5 allows remote attackers to inject arbitrary web script or HTML via the (1) Javascript events, as demonstrated via an onerror event in an IMG SRC tag or (2) User-Agent field in an HTTP GET request.

CPENameOperatorVersion
imatix:xitamiimatix xitamieq2.5_b4
imatix:xitamiimatix xitamieq2.5_b5

CPE	Name	Operator	Version
imatix:xitami	imatix xitami	eq	2.5_b4
imatix:xitami	imatix xitami	eq	2.5_b5

References

online.securityfocus.com/archive/1/277058

online.securityfocus.com/archive/1/279269

www.securityfocus.com/bid/5025

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

74.5%

JSON

Related for CVE-2002-1965

cvelist1