Vulnerability Details CVE-2002-2377
Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote attackers to inject arbitrary SSi directives, web script, and HTML via the entry field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.6%
CVSS Severity
CVSS v2 Score 4.3
References
- http://online.securityfocus.com/archive/1/279707
- http://www.iss.net/security_center/static/9471.php
- http://www.iss.net/security_center/static/9472.php
- http://www.securityfocus.com/bid/5130
- http://www.securityfocus.com/bid/5131
- http://online.securityfocus.com/archive/1/279707
- http://www.iss.net/security_center/static/9471.php
- http://www.iss.net/security_center/static/9472.php
- http://www.securityfocus.com/bid/5130
- http://www.securityfocus.com/bid/5131
Products affected by CVE-2002-2377
-
cpe:2.3:a:sephiroth32:zap_book:1.0.3