Lucene search

[email protected]CVE-2003-1353

HistoryOct 14, 2007 - 7:00 p.m.

CVE-2003-1353

2007-10-1419:00:00

CWE-79

[email protected]

web.nvd.nist.gov

security

vulnerability

xss

outreach project tool

opt

remote attackers

web script

html

cve-2003-1353

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.2

Confidence

High

EPSS

0.002

Percentile

59.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Outreach Project Tool (OPT) 0.946b allow remote attackers to inject arbitrary web script or HTML, as demonstrated using the news field.

Affected configurations

NVD

Node

lanifexoutreach_project_toolMatch0.946b

VendorProductVersionCPE
lanifexoutreach_project_tool0.946bcpe:/a:lanifex:outreach_project_tool:0.946b:::

Vendor	Product	Version	CPE
lanifex	outreach_project_tool	0.946b	cpe:/a:lanifex:outreach_project_tool:0.946b:::

References

archives.neohapsis.com/archives/bugtraq/2003-01/0119.html

www.securityfocus.com/bid/6631

exchange.xforce.ibmcloud.com/vulnerabilities/11096

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.2

Confidence

High

EPSS

0.002

Percentile

59.7%

JSON

Related for CVE-2003-1353

cvelist1 nvd1