CVE-2002-2377

2022-10-0316:23:49

mitre

www.cve.org

zap 1.0.3

addentry.cgi

cross-site scripting

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.3%

JSON

Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote attackers to inject arbitrary SSi directives, web script, and HTML via the entry field.

References

online.securityfocus.com/archive/1/279707

www.iss.net/security_center/static/9471.php

www.iss.net/security_center/static/9472.php

www.securityfocus.com/bid/5130

www.securityfocus.com/bid/5131