Vulnerability Description
Cross-site scripting (CSS) vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Plumtree | Plumtree Corporate Portal | 3.5 |
References
- http://marc.info/?l=bugtraq&m=101189911121808&w=2
- http://online.securityfocus.com/archive/82/248396Vendor Advisory
- http://www.iss.net/security_center/static/7817.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/3799
- http://marc.info/?l=bugtraq&m=101189911121808&w=2
- http://online.securityfocus.com/archive/82/248396Vendor Advisory
- http://www.iss.net/security_center/static/7817.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/3799
FAQ
What is CVE-2002-0205?
CVE-2002-0205 is a vulnerability with a CVSS score of 7.5 (HIGH). Cross-site scripting (CSS) vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter...
How severe is CVE-2002-0205?
CVE-2002-0205 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0205?
Check the references section above for vendor advisories and patch information. Affected products include: Plumtree Plumtree Corporate Portal.