CVE-2002-0205

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2002-0205
Cross-site scripting (CSS) vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://online.securityfocus.com/archive/82/248396 Vendor Advisory
http://www.iss.net/security_center/static/7817.php Patch Vendor Advisory
http://www.securityfocus.com/bid/3799
http://marc.info/?l=bugtraq&m=101189911121808&w=2
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:plumtree:plumtree_corporate_portal:4.0_sp1:*:*:*:*:*:*:*
cpe:2.3:a:plumtree:plumtree_corporate_portal:4.0i:*:*:*:*:*:*:*
cpe:2.3:a:plumtree:plumtree_corporate_portal:4.0i_sp1:*:*:*:*:*:*:*
cpe:2.3:a:plumtree:plumtree_corporate_portal:4.5:*:*:*:*:*:*:*
cpe:2.3:a:plumtree:plumtree_corporate_portal:3.5:*:*:*:*:*:*:*
cpe:2.3:a:plumtree:plumtree_corporate_portal:4.0:*:*:*:*:*:*:*
Information

Published : 2002-05-15 21:00

Updated : 2016-10-17 19:17

NVD link : CVE-2002-0205

Mitre link : CVE-2002-0205

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

plumtree

  • plumtree_corporate_portal