CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-1688

The browser history feature in Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to execute arbitrary script as other users and steal authentication information via cookies by injecting JavaScript into the URL, which is executed when the user hits the Back button.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.395

EPSS Ranking 97.1%

CVSS Severity

CVSS v2 Score 5.0

References

http://online.securityfocus.com/archive/1/267561
http://www.securityfocus.com/bid/4505
https://exchange.xforce.ibmcloud.com/vulnerabilities/8844
http://online.securityfocus.com/archive/1/267561
http://www.securityfocus.com/bid/4505
https://exchange.xforce.ibmcloud.com/vulnerabilities/8844

Products affected by CVE-2002-1688

Microsoft » Internet Explorer » Version: 5.5

cpe:2.3:a:microsoft:internet_explorer:5.5
Microsoft » Internet Explorer » Version: 6.0

cpe:2.3:a:microsoft:internet_explorer:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-1688

Products

Pricing

Contact Us