CVE-2002-0459 — HIGH (7.6) — White Hats Nepal

Vulnerability Description

Cross-site scripting vulnerability in Board-TNK 1.3.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter.

CVSS Score

7.6

HIGH

AV:N/AC:H/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Linux-Sottises	Board-Tnk	1.3
Linux-Sottises	News-Tnk	1.2.1

References

http://translate.google.com/translate?u=http%3A%2F%2Fwww.linux-sottises.net%2Fin
http://www.iss.net/security_center/static/8475.phpPatchVendor Advisory
http://www.securityfocus.com/archive/1/262694Vendor Advisory
http://www.securityfocus.com/bid/4305PatchVendor Advisory
http://translate.google.com/translate?u=http%3A%2F%2Fwww.linux-sottises.net%2Fin
http://www.iss.net/security_center/static/8475.phpPatchVendor Advisory
http://www.securityfocus.com/archive/1/262694Vendor Advisory
http://www.securityfocus.com/bid/4305PatchVendor Advisory

FAQ

What is CVE-2002-0459?

CVE-2002-0459 is a vulnerability with a CVSS score of 7.6 (HIGH). Cross-site scripting vulnerability in Board-TNK 1.3.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter.

How severe is CVE-2002-0459?

CVE-2002-0459 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2002-0459?

Check the references section above for vendor advisories and patch information. Affected products include: Linux-Sottises Board-Tnk, Linux-Sottises News-Tnk.