w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies.
CVSS Score
5.0
EPSS Score
0.012
Published
2003-02-19