Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2003-1238
cve-2003-1238
xss
nuked-klan
authentication
cookies
remote attackers
html
script
modules
6 Medium
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.004 Low
EPSS
Percentile
74.0%
Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the (1) Team, (2) News, and (3) Liens modules.
Affected configurations
Node
nuked-klannuked-klanMatch1.2
ORnuked-klannuked-klanMatch1.2_beta
ORnuked-klannuked-klanMatch1.3
ORnuked-klannuked-klanMatch1.3_beta
Related
exploitdb
exploitdb
Nuked-Klan 1.3 - Multiple Cross-Site Scripting Vulnerabilities
2003-02-23 00:00:00
cvelist
cvelist
CVE-2003-1238
2022-10-03 16:15:43
nvd
nvd
CVE-2003-1238
2003-12-31 05:00:00
nessus
nessus
Nuked-Klan index.php Multiple Module Vulnerabilities
2003-03-23 00:00:00
Nuked-Klan 1.2b Multiple Vulnerabilities
2003-02-28 00:00:00
openvas
openvas
Nuked-klan <= 1.3b Multiple Vulnerabilities - Active Check
2005-11-03 00:00:00
6 Medium
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.004 Low
EPSS
Percentile
74.0%
Related for CVE-2003-1238