CVE-2002-0166

Опубликовано: 22 апр. 2002

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Cross-site scripting vulnerability in analog before 5.22 allows remote attackers to execute Javascript via an HTTP request containing the script, which is entered into a web logfile and not properly filtered by analog during display.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:stephen_turner:analog:3.90_beta1:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:3.90_beta2:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:4.1:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:4.01:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:4.02:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:4.03:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:4.04:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:4.11:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:4.14:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:4.15:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:4.16:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:4.90_beta2:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:4.90_beta3:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:4.90_beta4:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:4.91_beta1:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:5.0:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:5.01:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:5.1a:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:5.2:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:5.02:*:*:*:*:*:*:*

cpe:2.3:a:stephen_turner:analog:5.03:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01414

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2002-0166

redhat

больше 23 лет назад

GHSA-6736-7xch-7c42

github

около 3 лет назад