Vulnerability Details CVE-2002-1680
Cross-site scripting (XSS) vulnerability in CGI Online Worldweb Shopping 1.1 (a.k.a. COWS) allows remote attackers to execute arbitrary script as other users by injecting script into (1) diagnose.cgi or (2) compatible.cgi.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.7%
CVSS Severity
CVSS v2 Score 4.3
References
- http://online.securityfocus.com/archive/82/251570
- http://www.securityfocus.com/bid/3914
- http://www.securityfocus.com/bid/3921
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7986
- http://online.securityfocus.com/archive/82/251570
- http://www.securityfocus.com/bid/3914
- http://www.securityfocus.com/bid/3921
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7986
Products affected by CVE-2002-1680
-
cpe:2.3:a:cows:cgi_online_worldweb_shopping:1.1