Vulnerability Description
Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote attackers to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lycos | Htmlgear Guestgear | All versions |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0198.htmlExploitVendor Advisory
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0132.htmlVendor Advisory
- http://www.securityfocus.com/bid/5728ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12235
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0198.htmlExploitVendor Advisory
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0132.htmlVendor Advisory
- http://www.securityfocus.com/bid/5728ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12235
FAQ
What is CVE-2002-1493?
CVE-2002-1493 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote attackers to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag.
How severe is CVE-2002-1493?
CVE-2002-1493 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1493?
Check the references section above for vendor advisories and patch information. Affected products include: Lycos Htmlgear Guestgear.