Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0955

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0955
Last Modified 05 Sep 2008 04:29:23
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0955

Summary

Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message.

Vulnerable Systems

Application

  • Yabb 1 Gold Sp 1


References

BID - 5078

XF - yabb-invalid-thread-xss(9408)

BUGTRAQ - 20020621 [AP] YaBB Cross-Site Scripting vulnerability


Last Updated: 27 May 2016 10:37:08