Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2002-1276

Опубликовано: 29 нояб. 2002
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks.

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*

EPSS

Процентиль: 70%
0.00636
Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

redhat
почти 23 года назад

An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks.

debian
больше 22 лет назад

An incomplete fix for a cross-site scripting (XSS) vulnerability in Sq ...

github
больше 3 лет назад

An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks.

EPSS

Процентиль: 70%
0.00636
Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other