Vulnerability CVE-2001-0987


Published: 2001-07-22   Modified: 2012-02-12

Description:
Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Nathan neulinger -> Cgiwrap 

 References:
http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html
http://cgiwrap.sourceforge.net/changes.html
http://www.securityfocus.com/bid/3084
https://exchange.xforce.ibmcloud.com/vulnerabilities/6886

Copyright 2024, cxsecurity.com

 

Back to Top