CVE Vulnerabilities

CVE-2002-0166

Published: Apr 22, 2002 | Modified: Sep 11, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting vulnerability in analog before 5.22 allows remote attackers to execute Javascript via an HTTP request containing the script, which is entered into a web logfile and not properly filtered by analog during display.

Affected Software

Name Vendor Start Version End Version
Analog Stephen_turner 5.01 5.01
Analog Stephen_turner 4.90_beta2 4.90_beta2
Analog Stephen_turner 5.2 5.2
Analog Stephen_turner 4.91_beta1 4.91_beta1
Analog Stephen_turner 5.02 5.02
Analog Stephen_turner 3.90_beta1 3.90_beta1
Analog Stephen_turner 4.04 4.04
Analog Stephen_turner 4.16 4.16
Analog Stephen_turner 5.03 5.03
Analog Stephen_turner 3.90_beta2 3.90_beta2
Analog Stephen_turner 4.1 4.1
Analog Stephen_turner 4.15 4.15
Analog Stephen_turner 4.02 4.02
Analog Stephen_turner 4.90_beta4 4.90_beta4
Analog Stephen_turner 4.14 4.14
Analog Stephen_turner 5.1a 5.1a
Analog Stephen_turner 4.11 4.11
Analog Stephen_turner 4.03 4.03
Analog Stephen_turner 5.0 5.0
Analog Stephen_turner 4.90_beta3 4.90_beta3
Analog Stephen_turner 4.01 4.01

References