Vulnerability Description
The new thread posting page in APBoard 2.02 and 2.03 allows remote attackers to post messages to protected forums by modifying the insertinto parameter.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| App | Apboard | 2.02 |
References
- http://online.securityfocus.com/archive/1/299536Exploit
- http://securityreason.com/securityalert/3332Exploit
- http://www.iss.net/security_center/static/10611.php
- http://www.securityfocus.com/bid/6167
- http://online.securityfocus.com/archive/1/299536Exploit
- http://securityreason.com/securityalert/3332Exploit
- http://www.iss.net/security_center/static/10611.php
- http://www.securityfocus.com/bid/6167
FAQ
What is CVE-2002-2398?
CVE-2002-2398 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The new thread posting page in APBoard 2.02 and 2.03 allows remote attackers to post messages to protected forums by modifying the insertinto parameter.
How severe is CVE-2002-2398?
CVE-2002-2398 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-2398?
Check the references section above for vendor advisories and patch information. Affected products include: App Apboard.