Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2002-0270
HistoryMay 29, 2002 - 4:00 a.m.

CVE-2002-0270

2002-05-2904:00:00
CWE-79
mitre
web.nvd.nist.gov
45
cve-2002-0270
mime misinterpretation
opera
cross-site scripting
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

44.4%

JSON

Opera, when configured with the “Determine action by MIME type” option disabled, interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks.

Affected configurations

Nvd
Node
opera_softwareopera_web_browserMatch9.10
VendorProductVersionCPE
opera_softwareopera_web_browser9.10cpe:2.3:a:opera_software:opera_web_browser:9.10:*:*:*:*:*:*:*

Related

cvelist 1
nvd 1
cvelist
cvelist
CVE-2002-0270
2002-05-03 04:00:00
nvd
nvd
CVE-2002-0270
2002-05-29 04:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

44.4%

JSON
Related for CVE-2002-0270
cvelist1nvd1