Vulnerability Details CVE-2002-0494
Cross-site scripting vulnerability in WebSight Directory System 0.1 allows remote attackers to execute arbitrary Javascript and gain access to the WebSight administrator via a new link submission containing the script in a website name.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://sourceforge.net/forum/forum.php?forum_id=163389
- http://www.iss.net/security_center/static/8624.php
- http://www.securityfocus.com/archive/1/263914
- http://www.securityfocus.com/bid/4357
- http://sourceforge.net/forum/forum.php?forum_id=163389
- http://www.iss.net/security_center/static/8624.php
- http://www.securityfocus.com/archive/1/263914
- http://www.securityfocus.com/bid/4357
Products affected by CVE-2002-0494
-
cpe:2.3:a:websight_directory_system:websight_directory_system:0.1