Vulnerability Details CVE-2002-0329
Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.237
EPSS Ranking 95.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://forum.snitz.com/forum/link.asp?TOPIC_ID=23660
- http://marc.info/?l=bugtraq&m=101485184605149&w=2
- http://online.securityfocus.com/archive/1/258981
- http://www.iss.net/security_center/static/8309.php
- http://www.kb.cert.org/vuls/id/132011
- http://www.securityfocus.com/bid/4192
- http://forum.snitz.com/forum/link.asp?TOPIC_ID=23660
- http://marc.info/?l=bugtraq&m=101485184605149&w=2
- http://online.securityfocus.com/archive/1/258981
- http://www.iss.net/security_center/static/8309.php
- http://www.kb.cert.org/vuls/id/132011
- http://www.securityfocus.com/bid/4192
Products affected by CVE-2002-0329
-
cpe:2.3:a:snitz_communications:snitz_forums_2000:3.0
-
cpe:2.3:a:snitz_communications:snitz_forums_2000:3.1
-
cpe:2.3:a:snitz_communications:snitz_forums_2000:3.2.03
-
cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3
-
cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.01
-
cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.02