CVE-2002-0181
 
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter.
Vulnderabilidad de secuencias de comandos en sitios cruzados (cross-site scripting) en Horde anteriores a 1.2.8 y IMP anteriores a 2.2.8 permite a atacantes remotos ejecutar scripts y robar cookies de otros usuarios.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2002-04-17 CVE Reserved
- 2002-04-22 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
URL | Tag | Source |
---|---|---|
http://bugs.horde.org/show_bug.cgi?id=916 | X_refsource_misc | |
http://marc.info/?l=bugtraq&m=101828033830744&w=2 | Mailing List | |
http://www.iss.net/security_center/static/8769.php | Vdb Entry | |
http://www.osvdb.org/5345 | Vdb Entry | |
http://www.securityfocus.com/bid/4444 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.debian.org/security/2002/dsa-126 | 2016-10-18 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Horde Search vendor "Horde" | Horde Search vendor "Horde" for product "Horde" | 1.2.7 Search vendor "Horde" for product "Horde" and version "1.2.7" | - |
Affected
| ||||||
Horde Search vendor "Horde" | Imp Search vendor "Horde" for product "Imp" | 2.2.8 Search vendor "Horde" for product "Imp" and version "2.2.8" | - |
Affected
|