CVE Vulnerabilities

CVE-2001-0948

Published: Dec 04, 2001 | Modified: Dec 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificates description, which is executed when the certificate is viewed.

Affected Software

Name Vendor Start Version End Version
Enterprise_validation_authority Valicert 3.3 3.3
Enterprise_validation_authority Valicert 3.4 3.4
Enterprise_validation_authority Valicert 3.5 3.5
Enterprise_validation_authority Valicert 3.6 3.6
Enterprise_validation_authority Valicert 3.7 3.7
Enterprise_validation_authority Valicert 3.8 3.8
Enterprise_validation_authority Valicert 3.9 3.9
Enterprise_validation_authority Valicert 4.0 4.0
Enterprise_validation_authority Valicert 4.1 4.1
Enterprise_validation_authority Valicert 4.2 4.2
Enterprise_validation_authority Valicert 4.2.1 4.2.1

References