CVE-2002-1037

Опубликовано: 04 окт. 2002

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Cross-site scripting vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to inject arbitrary HTML, including script, into web pages via the (1) Ticket# Find, (2) Priorities, (3) Severities, (4) Projects, (5) WO# Find, (6) Departments and (7) Users features.

Ссылки

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0022.html
http://dcl.sourceforge.net/index.php
http://marc.info/?l=bugtraq&m=102668783632589&w=2
http://www.iss.net/security_center/static/9532.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5182
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0022.html
http://dcl.sourceforge.net/index.php
http://marc.info/?l=bugtraq&m=102668783632589&w=2
http://www.iss.net/security_center/static/9532.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5182
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:michael_dean:double_choco_latte:2002-01-20:*:*:*:*:*:*:*

cpe:2.3:a:michael_dean:double_choco_latte:2002-02-15:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.0065

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2002-1037

debian

почти 23 года назад

Cross-site scripting vulnerability in Double Choco Latte (DCL) before ...

GHSA-fg7r-vg4h-848c

github

больше 3 лет назад