Lucene search

[email protected]CVE-2002-0117

HistoryJun 25, 2002 - 4:00 a.m.

CVE-2002-0117

2002-06-2504:00:00

[email protected]

web.nvd.nist.gov

cybersecurity

xss

vulnerability

remote attack

scripts

yet another bulletin board

javascript

img tag

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.094 Low

EPSS

Percentile

94.8%

JSON

Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.

Affected configurations

NVD

Node

yabbyabbMatch0.01_releasegold

yabbyabbMatch0.01_sp1gold

yabbyabbMatch2000-09-01

yabbyabbMatch2000-09-11

CPENameOperatorVersion
yabb:yabbyabbeq0.01_release
yabb:yabbyabbeq0.01_sp1
yabb:yabbyabbeq2000-09-01
yabb:yabbyabbeq2000-09-11

CPE	Name	Operator	Version
yabb:yabb	yabb	eq	0.01_release
yabb:yabb	yabb	eq	0.01_sp1
yabb:yabb	yabb	eq	2000-09-01
yabb:yabb	yabb	eq	2000-09-11

References

online.securityfocus.com/archive/1/249031

online.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3828

www.iss.net/security_center/static/7840.php

www.osvdb.org/2019

www.yabbforum.com/

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.094 Low

EPSS

Percentile

94.8%

JSON

Related for CVE-2002-0117

cvelist1 nvd1