exploitDog

CVE-2003-0154

Опубликовано: 02 апр. 2003

Источник: nvd

CVSS2: 6.8

EPSS Средний

Описание

Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mozilla:bonsai:1.3:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.13333

Средний

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2003-0154

debian

около 22 лет назад

Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query ...

GHSA-jxf4-6hgg-qvgr

github

около 3 лет назад

Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244.

EPSS

Процентиль: 94%

0.13333

Средний

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other