Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1238

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2003-1238
Last Modified 05 Sep 2008 04:36:24
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2003-1238

Summary

Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the (1) Team, (2) News, and (3) Liens modules.

Vulnerable Systems

Application

  • Nuked-klan 1.2

  • Nuked-klan 1.2 Beta

  • Nuked-klan 1.3

  • Nuked-klan 1.3 Beta


References

BID - 6916

XF - nuked-klan-team-xss(11420)

BUGTRAQ - 20030318 Some XSS vulns

BUGTRAQ - 20030221 [SCSA-006] XSS & Function Execution Vulnerabilities in Nuked-Klan


Last Updated: 27 May 2016 10:38:17