Описание
Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php.
Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2002-1996
- http://archives.neohapsis.com/archives/bugtraq/2002-03/0288.html
- http://archives.neohapsis.com/archives/bugtraq/2002-03/0299.html
- http://sourceforge.net/tracker/index.php?func=detail&aid=524777&group_id=27927&atid=392228
- http://www.iss.net/security_center/static/8605.php
- http://www.securityfocus.com/bid/4350
EPSS
Процентиль: 65%
0.00504
Низкий
CVE ID
Связанные уязвимости
nvd
больше 22 лет назад
Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php.
EPSS
Процентиль: 65%
0.00504
Низкий