Lucene search

[email protected]CVE-2003-1519

HistoryOct 25, 2007 - 7:00 p.m.

CVE-2003-1519

2007-10-2519:00:00

CWE-79

[email protected]

web.nvd.nist.gov

cve

2003

1519

xss

vulnerability

vivisimo

clustering engine

web script

html

remote attackers

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.0%

JSON

Cross-site scripting (XSS) vulnerability in Vivisimo clustering engine allows remote attackers to inject arbitrary web script or HTML via the query parameter to the search program.

Affected configurations

NVD

Node

vivisimoclustering_engineMatch0

CPENameOperatorVersion
vivisimo:clustering_enginevivisimo clustering engineeq0

CPE	Name	Operator	Version
vivisimo:clustering_engine	vivisimo clustering engine	eq	0

References

securitytracker.com/id?1007955

www.securityfocus.com/bid/8862

exchange.xforce.ibmcloud.com/vulnerabilities/13452

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.0%

JSON

Related for CVE-2003-1519

cvelist1 nvd1