CVE-2002-1727

Опубликовано: 31 дек. 2002

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_web4.exe in askSam Web Publisher 1 and 4 allows remote attackers to execute arbitrary script as other users via a URL.

Ссылки

http://online.securityfocus.com/archive/82/270970
http://www.ifrance.com/kitetoua/tuto/5holes4.txt
Vendor Advisory
http://www.securityfocus.com/bid/4670
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/9003
http://online.securityfocus.com/archive/82/270970
http://www.ifrance.com/kitetoua/tuto/5holes4.txt
Vendor Advisory
http://www.securityfocus.com/bid/4670
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/9003

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:asksam_systems:asksam_web_publisher:1.0:*:*:*:*:*:*:*

cpe:2.3:a:asksam_systems:asksam_web_publisher:4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00655

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-pwfv-74pm-g9jw

github

почти 4 года назад