Lucene search

[email protected]NVD:CVE-2002-2129

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-2129

2002-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

High

EPSS

0.003

Percentile

70.4%

JSON

Cross-site scripting vulnerability (XSS) in editform.php for w-Agora 4.1.5 allows remote attackers to execute arbitrary web script via an arbitrary form field name containing the script, which is echoed back to the user when displaying the form.

Affected configurations

Nvd

Node

w-agoraw-agoraMatch4.1.5

VendorProductVersionCPE
w-agoraw-agora4.1.5cpe:2.3:a:w-agora:w-agora:4.1.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
w-agora	w-agora	4.1.5	cpe:2.3:a:w-agora:w-agora:4.1.5:::::::*

References

archives.neohapsis.com/archives/bugtraq/2002-12/0222.html

archives.neohapsis.com/archives/bugtraq/2002-12/0225.html

www.securityfocus.com/bid/6464

exchange.xforce.ibmcloud.com/vulnerabilities/10920

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

High

EPSS

0.003

Percentile

70.4%

JSON

Related for NVD:CVE-2002-2129

exploitdb1 cvelist1 cve1