Lucene search
HistoryOct 03, 2022 - 4:23 p.m.
CVE-2002-2178
cve-2002-2178
cross-site scripting
xss
phpwebsite 0.8.3
security vulnerability
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.6 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
70.0%
Cross-site scripting (XSS) vulnerability in article.php module for phpWebSite 0.8.3 allows remote attackers to execute arbitrary Javascript script via the sid parameter, as demonstrated using an IMG tag.
Affected configurations
Node
phpwebsitephpwebsiteMatch0.8.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| phpwebsite:phpwebsite | phpwebsite | eq | 0.8.3 |
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.6 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
70.0%
Related for CVE-2002-2178