CVE-2002-0205
Published May 16, 2002
Last updated 8 years ago
Overview
- Description
- Cross-site scripting (CSS) vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:plumtree:plumtree_corporate_portal:3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C500AF9-2B35-490B-B804-7F05DF150D7A"
},
{
"criteria": "cpe:2.3:a:plumtree:plumtree_corporate_portal:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC5CDD20-DCDA-4595-9542-9BF69B3A685B"
},
{
"criteria": "cpe:2.3:a:plumtree:plumtree_corporate_portal:4.0_sp1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24DD8844-463D-4F12-B5F6-F704983E0E02"
},
{
"criteria": "cpe:2.3:a:plumtree:plumtree_corporate_portal:4.0i:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B68BF3F0-2B97-433D-B5F5-805146D52E60"
},
{
"criteria": "cpe:2.3:a:plumtree:plumtree_corporate_portal:4.0i_sp1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ACECEA85-8F42-4037-BEF7-639D0FF40B2F"
},
{
"criteria": "cpe:2.3:a:plumtree:plumtree_corporate_portal:4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "593151E5-DD0B-435D-9C8F-95495146C8AB"
}
],
"operator": "OR"
}
]
}
]