Vulnerability Description
Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph <P> tag.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source Development Network | Slashcode | 2.2.1 |
References
- http://online.securityfocus.com/archive/1/280218
- http://online.securityfocus.com/archive/1/280255
- http://www.securityfocus.com/bid/5140
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9473
- http://online.securityfocus.com/archive/1/280218
- http://online.securityfocus.com/archive/1/280255
- http://www.securityfocus.com/bid/5140
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9473
FAQ
What is CVE-2002-1681?
CVE-2002-1681 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph...
How severe is CVE-2002-1681?
CVE-2002-1681 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1681?
Check the references section above for vendor advisories and patch information. Affected products include: Open Source Development Network Slashcode.