Lucene search

K
nvd[email protected]NVD:CVE-2002-1678
HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-1678

2002-12-3105:00:00
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6.1 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.8%

Cross-site scripting (XSS) vulnerability in memberlist.php in Jelsoft vBulletin 2.0 rc 2 through 2.2.4 allows remote attackers to steal authentication credentials by injecting script into $letterbits.

Affected configurations

NVD
Node
jelsoftvbulletinMatch2.0_rc2
OR
jelsoftvbulletinMatch2.0_rc3
OR
jelsoftvbulletinMatch2.2.0
OR
jelsoftvbulletinMatch2.2.1
OR
jelsoftvbulletinMatch2.2.2
OR
jelsoftvbulletinMatch2.2.3
OR
jelsoftvbulletinMatch2.2.4

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6.1 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.8%

Related for NVD:CVE-2002-1678