CVE-2002-1651 — MEDIUM (4.3)

Vulnerability Description

Cross-site scripting (XSS) vulnerability in Verity Search97 allows remote attackers to insert arbitrary web content and steal sensitive information from other clients, possibly due to certain error messages from template pages that use the (1) vformat or (2) vfilter functions.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Verity	Search97	2.1

Related Weaknesses (CWE)

CWE-79

References

http://www.kb.cert.org/vuls/id/636431PatchUS Government Resource
http://www.securityfocus.com/bid/5102Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/9441
http://www.kb.cert.org/vuls/id/636431PatchUS Government Resource
http://www.securityfocus.com/bid/5102Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/9441

FAQ

What is CVE-2002-1651?

CVE-2002-1651 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in Verity Search97 allows remote attackers to insert arbitrary web content and steal sensitive information from other clients, possibly due to certain error me...

How severe is CVE-2002-1651?

CVE-2002-1651 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2002-1651?

Check the references section above for vendor advisories and patch information. Affected products include: Verity Search97.