Vulnerability Name: | CVE-2002-0959 (CCN-9279) | ||||||||
Assigned: | 2002-06-06 | ||||||||
Published: | 2002-06-06 | ||||||||
Updated: | 2008-09-05 | ||||||||
Summary: | Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote attackers to execute arbitrary script as other users via an [img] tag with a closing quote followed by the script. | ||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Obtain Information | ||||||||
References: | Source: CCN Type: VulnWatch Mailing List, Thu Jun 06 2002 - 08:01:29 CDT Splatt Forum XSS Source: VULNWATCH Type: UNKNOWN 20020606 [VulnWatch] Splatt Forum XSS Source: MITRE Type: CNA CVE-2002-0959 Source: BUGTRAQ Type: UNKNOWN 20020606 Splatt Forum XSS Source: XF Type: Patch, Vendor Advisory splatt-forum-img-xss(9279) Source: CCN Type: OSVDB ID: 9233 Splatt Forum IMG Tag XSS Source: BID Type: Exploit, Vendor Advisory 4953 Source: CCN Type: BID-4953 Splatt Forum Image Tag HTML Injection Vulneraility Source: CCN Type: Splatt Web site Splatt Projects Source: XF Type: UNKNOWN splatt-forum-img-xss(9279) | ||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
BACK |