CVE-2002-0771 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2002-0771

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote attackers to inject script and steal cookies via the (1) cvsroot or (2) sortby parameters.

Affected Software

Name	Vendor	Start Version	End Version
Viewcvs	Viewcvs	0.8 (including)	0.8 (including)
Viewcvs	Viewcvs	0.9 (including)	0.9 (including)
Viewcvs	Viewcvs	0.9.1 (including)	0.9.1 (including)
Viewcvs	Viewcvs	0.9.2 (including)	0.9.2 (including)

References

http://archives.neohapsis.com/archives/bugtraq/2002-05/0161.html
http://www.iss.net/security_center/static/9112.php
http://www.securityfocus.com/bid/4818
http://archives.neohapsis.com/archives/bugtraq/2002-05/0161.html
http://www.iss.net/security_center/static/9112.php
http://www.securityfocus.com/bid/4818