Vulnerability Description
Cross-site scripting (XSS) vulnerability in CERN Proxy Server allows remote attackers to execute script as other users via a link to a non-existent page whose name contains the script, which is inserted into the resulting error page.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| W3C | Cern Httpd | 3.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-08/0097.htmlExploit
- http://www.iss.net/security_center/static/9834.php
- http://www.securityfocus.com/bid/5447Exploit
- http://archives.neohapsis.com/archives/bugtraq/2002-08/0097.htmlExploit
- http://www.iss.net/security_center/static/9834.php
- http://www.securityfocus.com/bid/5447Exploit
FAQ
What is CVE-2002-1445?
CVE-2002-1445 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in CERN Proxy Server allows remote attackers to execute script as other users via a link to a non-existent page whose name contains the script, which is insert...
How severe is CVE-2002-1445?
CVE-2002-1445 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1445?
Check the references section above for vendor advisories and patch information. Affected products include: W3C Cern Httpd.