CVE-2002-1853

Опубликовано: 31 дек. 2002

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in MyNewsGroups 0.4 and 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the subject of a newsgroup post, which is not properly handled by (1) myarticles.php, (2) search.php, (3) stats.php, or (4) standard.lib.php.

Ссылки

http://secunia.com/advisories/7177
Vendor Advisory
http://www.iss.net/security_center/static/10238.php
Patch
http://www.securityfocus.com/archive/1/293564
http://www.securityfocus.com/bid/5836
Patch
http://secunia.com/advisories/7177
Vendor Advisory
http://www.iss.net/security_center/static/10238.php
Patch
http://www.securityfocus.com/archive/1/293564
http://www.securityfocus.com/bid/5836
Patch

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:carlos_sanchez_valle:mynewsgroups:0.4:*:*:*:*:*:*:*

cpe:2.3:a:carlos_sanchez_valle:mynewsgroups:0.4.1:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00409

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-rhw2-ffm7-95w9

github

почти 4 года назад