6.8
CVE-2002-1703
- EPSS 4.22%
- Veröffentlicht 31.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:59:48
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site scripting vulnerability (XSS) in auction.cgi for Mewsoft NetAuction 3.0 allows remote attackers to execute arbitrary script as other users via the Term parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mewsoft ≫ Netauction Version3.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.22% | 0.897 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://online.securityfocus.com/archive/1/277049
http://www.securityfocus.com/bid/5023
https://exchange.xforce.ibmcloud.com/vulnerabilities/9365