Vulnerability Details CVE-2002-0771
Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote attackers to inject script and steal cookies via the (1) cvsroot or (2) sortby parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.082
EPSS Ranking 91.8%
CVSS Severity
CVSS v2 Score 6.4
References
- http://archives.neohapsis.com/archives/bugtraq/2002-05/0161.html
- http://www.iss.net/security_center/static/9112.php
- http://www.securityfocus.com/bid/4818
- http://archives.neohapsis.com/archives/bugtraq/2002-05/0161.html
- http://www.iss.net/security_center/static/9112.php
- http://www.securityfocus.com/bid/4818