CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-1685

Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attackers to execute arbitrary script as other users by injecting script into ext.dll ISAPI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.8%

CVSS Severity

CVSS v2 Score 4.3

References

http://online.securityfocus.com/archive/1/281088
http://www.securityfocus.com/bid/5086
https://exchange.xforce.ibmcloud.com/vulnerabilities/9513
http://online.securityfocus.com/archive/1/281088
http://www.securityfocus.com/bid/5086
https://exchange.xforce.ibmcloud.com/vulnerabilities/9513

Products affected by CVE-2002-1685

Working Resources Inc. » Badblue » Version: enterprise_1.7.2

cpe:2.3:a:working_resources_inc.:badblue:enterprise_1.7.2
Working Resources Inc. » Badblue » Version: personal_1.7

cpe:2.3:a:working_resources_inc.:badblue:personal_1.7
Working Resources Inc. » Badblue » Version: personal_1.7.2

cpe:2.3:a:working_resources_inc.:badblue:personal_1.7.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-1685

Products

Pricing

Contact Us