CVE-2002-2129

2005-11-1607:37:00

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.5%

JSON

Cross-site scripting vulnerability (XSS) in editform.php for w-Agora 4.1.5 allows remote attackers to execute arbitrary web script via an arbitrary form field name containing the script, which is echoed back to the user when displaying the form.

References

archives.neohapsis.com/archives/bugtraq/2002-12/0222.html

archives.neohapsis.com/archives/bugtraq/2002-12/0225.html

www.securityfocus.com/bid/6464

exchange.xforce.ibmcloud.com/vulnerabilities/10920