CVE-2002-1649

Опубликовано: 31 дек. 2002

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in read_body.php in SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary Javascript via a javascript: URL in an IMG tag.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2002-01/0310.html
Exploit
http://www.kb.cert.org/vuls/id/153043
US Government Resource
http://www.securityfocus.com/bid/3956
https://exchange.xforce.ibmcloud.com/vulnerabilities/7989
http://archives.neohapsis.com/archives/bugtraq/2002-01/0310.html
Exploit
http://www.kb.cert.org/vuls/id/153043
US Government Resource
http://www.securityfocus.com/bid/3956
https://exchange.xforce.ibmcloud.com/vulnerabilities/7989

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00764

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2002-1649

debian

почти 23 года назад

Cross-site scripting (XSS) vulnerability in read_body.php in SquirrelM ...

GHSA-cf6m-prqc-77x3

github

больше 3 лет назад