Lucene search
HistoryAug 12, 2002 - 4:00 a.m.
CVE-2002-0771
viewcvs
cross-site scripting
vulnerability
cve-2002-0771
nvd
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
6.3 Medium
AI Score
Confidence
High
0.015 Low
EPSS
Percentile
87.0%
Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote attackers to inject script and steal cookies via the (1) cvsroot or (2) sortby parameters.
Affected configurations
Node
viewcvsviewcvsMatch0.8
ORviewcvsviewcvsMatch0.9
ORviewcvsviewcvsMatch0.9.1
ORviewcvsviewcvsMatch0.9.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| viewcvs:viewcvs | viewcvs | eq | 0.8 |
| viewcvs:viewcvs | viewcvs | eq | 0.9 |
| viewcvs:viewcvs | viewcvs | eq | 0.9.1 |
| viewcvs:viewcvs | viewcvs | eq | 0.9.2 |
Related
openvas
openvas
ViewCVS XSS
2005-11-03 00:00:00
nessus
nessus
ViewCVS viewcvs.cgi Multiple Parameter XSS
2004-09-27 00:00:00
cvelist
cvelist
CVE-2002-0771
2002-07-26 04:00:00
nvd
nvd
CVE-2002-0771
2002-08-12 04:00:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
6.3 Medium
AI Score
Confidence
High
0.015 Low
EPSS
Percentile
87.0%
Related for CVE-2002-0771