Lucene search

[email protected]CVE-2002-2378

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-2378

2022-10-0316:23:49

CWE-79

[email protected]

web.nvd.nist.gov

cve-2002-2378

cross-site scripting

xss vulnerability

http 1.41d

remote attackers

web script

html

query string

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.8%

JSON

Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page.

Affected configurations

NVD

Node

nakataan_httpdMatch1.41d

CPENameOperatorVersion
nakata:an_httpdnakata an httpdeq1.41d

CPE	Name	Operator	Version
nakata:an_httpd	nakata an httpd	eq	1.41d

References

cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00387.html

www.iss.net/security_center/static/10487.php

www.securityfocus.com/bid/6054

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.8%

JSON

Related for CVE-2002-2378

cvelist1 nvd1