Lucene search

MitreCVE-2003-0587

HistoryOct 17, 2016 - 4:00 a.m.

CVE-2003-0587

2016-10-1704:00:00

mitre

web.nvd.nist.gov

cve-2003-0587

cross-site scripting

infopop

ubb

xss

remote authenticated users

administrative access

web script

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

High

EPSS

0.002

Percentile

53.9%

JSON

Cross-site scripting (XSS) vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.x allows remote authenticated users to execute arbitrary web script and gain administrative access via the “displayed name” attribute of the “ubber” cookie.

Affected configurations

Nvd

Node

infopopultimate_bulletin_boardMatch6

VendorProductVersionCPE
infopopultimate_bulletin_board6cpe:2.3:a:infopop:ultimate_bulletin_board:6:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
infopop	ultimate_bulletin_board	6	cpe:2.3:a:infopop:ultimate_bulletin_board:6:::::::*

References

marc.info/?l=bugtraq&m=105839276105934&w=2

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

High

EPSS

0.002

Percentile

53.9%

JSON

Related for CVE-2003-0587