CVE-2002-1493

Опубликовано: 02 апр. 2003

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote attackers to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2002-09/0198.html
Exploit
Vendor Advisory
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0132.html
Vendor Advisory
http://www.securityfocus.com/bid/5728
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/12235
http://archives.neohapsis.com/archives/bugtraq/2002-09/0198.html
Exploit
Vendor Advisory
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0132.html
Vendor Advisory
http://www.securityfocus.com/bid/5728
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/12235

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:lycos:htmlgear_guestgear:*:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00591

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-cjfx-9fmj-c733

github

почти 4 года назад