CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-0948

Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's description, which is executed when the certificate is viewed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.024

EPSS Ranking 84.6%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2001-0948

Valicert » Enterprise Validation Authority » Version: 3.3

cpe:2.3:a:valicert:enterprise_validation_authority:3.3
Valicert » Enterprise Validation Authority » Version: 3.4

cpe:2.3:a:valicert:enterprise_validation_authority:3.4
Valicert » Enterprise Validation Authority » Version: 3.5

cpe:2.3:a:valicert:enterprise_validation_authority:3.5
Valicert » Enterprise Validation Authority » Version: 3.6

cpe:2.3:a:valicert:enterprise_validation_authority:3.6
Valicert » Enterprise Validation Authority » Version: 3.7

cpe:2.3:a:valicert:enterprise_validation_authority:3.7
Valicert » Enterprise Validation Authority » Version: 3.8

cpe:2.3:a:valicert:enterprise_validation_authority:3.8
Valicert » Enterprise Validation Authority » Version: 3.9

cpe:2.3:a:valicert:enterprise_validation_authority:3.9
Valicert » Enterprise Validation Authority » Version: 4.0

cpe:2.3:a:valicert:enterprise_validation_authority:4.0
Valicert » Enterprise Validation Authority » Version: 4.1

cpe:2.3:a:valicert:enterprise_validation_authority:4.1
Valicert » Enterprise Validation Authority » Version: 4.2

cpe:2.3:a:valicert:enterprise_validation_authority:4.2
Valicert » Enterprise Validation Authority » Version: 4.2.1

cpe:2.3:a:valicert:enterprise_validation_authority:4.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-0948

Products

Pricing

Contact Us