- Description
- Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail" parameters.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:summit_computer_networks:lil_http_server:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DDCE4B2-41B9-4548-82E8-E884C6091FBF"
},
{
"criteria": "cpe:2.3:a:summit_computer_networks:lil_http_server:2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7A843CF-0322-46EE-AD9A-C564007FED58"
}
],
"operator": "OR"
}
]
}
]