CVE-2002-0681

Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute script as other web users via script in a…

mitre·NVD-CWE-Other·Published 2002-07-12

CVSS

—

EPSS

0.08

KEV

Exploits

cve.orgen

216 chars

Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute script as other web users via script in a URL that generates a "404 not found" message, which does not quote the script.

NVDen

216 chars

NVDes

300 chars

Vulnerabilidad de secuencias de comandos en sitios cruzados (cross-site scripting) en GoAhead Web Server 2.1 permite a atacantes remotos ejecutar secuencias de comandos como otros usuarios web mediante un script en una URL que genera un mensaje "404 no encontrado", que no le pone comillas al script.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P