6.8
CVE-2002-1315
- EPSS 2.08%
- Veröffentlicht 29.11.2002 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as the iPlanet administrator by injecting the desired script into error logs, and possibly escalating privileges by using the XSS vulnerability in conjunction with another issue (CVE-2002-1316).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Iplanet ≫ Iplanet Web Server Version4.1
Iplanet ≫ Iplanet Web Server Version4.1_sp1
Iplanet ≫ Iplanet Web Server Version4.1_sp2
Iplanet ≫ Iplanet Web Server Version4.1_sp3
Iplanet ≫ Iplanet Web Server Version4.1_sp4
Iplanet ≫ Iplanet Web Server Version4.1_sp5
Iplanet ≫ Iplanet Web Server Version4.1_sp6
Iplanet ≫ Iplanet Web Server Version4.1_sp7
Iplanet ≫ Iplanet Web Server Version4.1_sp8
Iplanet ≫ Iplanet Web Server Version4.1_sp9
Iplanet ≫ Iplanet Web Server Version4.1_sp10
Iplanet ≫ Iplanet Web Server Version4.1_sp11
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.08% | 0.823 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|