4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
57.0%
apricot.php from LovPop.net is a software to analyze web access logs. apricot.php contains a cross-site scripting vulnerability.
Note that future releases and maintenance of apricot.php ended on March 19, 2009. Users who wish to analyze access logs are recommended to use a different product that provides equivalent functionality.
An arbitrary script may be executed on the user’s web browser.
Do not use apricot.php
As patches will not be provided, users are recommended to discontinue use of apricot.php and switch to a different product that provides equivalent functionality.