CVE-2002-1388 - Cross-site scripting (XSS) vulnerability in MHonArc before 2.5.14 allows remote attackers to inject

CVE-2002-1388

Summary

Cross-site scripting (XSS) vulnerability in MHonArc before 2.5.14 allows remote attackers to inject arbitrary HTML into web archive pages via HTML mail messages.

References

Vulnerable Configurations

cpe:2.3:a:mhonarc:mhonarc:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5.11:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5.11:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5.12:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5.12:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5.13:*:*:*:*:*:*:*
cpe:2.3:a:mhonarc:mhonarc:2.5.13:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 10-10-2017 - 01:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:P/A:N

refmap via4

bid	6479
confirm	http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200212220120.gBM1K8502180@mcguire.earlhood.com
debian	DSA-221
xf	mhonarc-m2htexthtml-filter-xss(10950)

Last major update

10-10-2017 - 01:30

Published

02-01-2003 - 05:00

Last modified

10-10-2017 - 01:30