Lucene search

[email protected]CVE-2003-0341

HistoryMay 23, 2003 - 4:00 a.m.

CVE-2003-0341

2003-05-2304:00:00

[email protected]

web.nvd.nist.gov

cve-2003-0341

cross-site scripting

xss

owl intranet engine

remote attackers

search field

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.7%

JSON

Cross-site scripting (XSS) vulnerability in Owl Intranet Engine 0.71 and earlier allows remote attackers to insert arbitrary script via the Search field.

Affected configurations

NVD

Node

owlowl_intranet_engineMatch0.7

owlowl_intranet_engineMatch0.71

CPENameOperatorVersion
owl:owl_intranet_engineowl owl intranet engineeq0.7
owl:owl_intranet_engineowl owl intranet engineeq0.71

CPE	Name	Operator	Version
owl:owl_intranet_engine	owl owl intranet engine	eq	0.7
owl:owl_intranet_engine	owl owl intranet engine	eq	0.71

References

marc.info/?l=bugtraq&m=105353266220520&w=2

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.7%

JSON

Related for CVE-2003-0341

nvd1 cvelist1