CVE-2001-0987

Published Jul 22, 2001

Last updated 7 years ago

Overview

Description: Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D77B405-5FD8-4886-B9DD-5841DCCEDA86",
            "versionEndIncluding": "3.7"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References