CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
80.8%
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a “<” sign, and the 0x9b character to a “>” sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
Vendor | Product | Version | CPE |
---|---|---|---|
netscape | communicator | * | cpe:2.3:a:netscape:communicator:*:*:*:*:*:*:*:* |
netscape | communicator | 4.04 | cpe:2.3:a:netscape:communicator:4.04:*:*:*:*:*:*:* |
netscape | communicator | 4.51 | cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:* |