7.5
CVE-2002-1131
- EPSS 25.75%
- Veröffentlicht 04.10.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:58:47
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Squirrelmail ≫ Squirrelmail Version <= 1.2.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 25.75% | 0.977 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
http://sourceforge.net/project/shownotes.php?group_id=311&release_id=110774
http://www.debian.org/security/2002/dsa-191
http://www.iss.net/security_center/static/10145.php
http://www.redhat.com/support/errata/RHSA-2002-204.html
http://www.securityfocus.com/bid/5763