CVE-2002-1996

2005-07-1404:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.018

Percentile

88.4%

JSON

Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php.

References

archives.neohapsis.com/archives/bugtraq/2002-03/0288.html

archives.neohapsis.com/archives/bugtraq/2002-03/0299.html

sourceforge.net/tracker/index.php?func=detail&aid=524777&group_id=27927&atid=392228

www.iss.net/security_center/static/8605.php

www.securityfocus.com/bid/4350