BlackKite: Home
Menu

PUBLISHED DATE: December 31, 2002CVE-2002-1681:
Cross-Site Scripting Vulnerability

CVSS:
6.8
EPSS:
85.50%
Exploitability:
8.6
In KEV:
No
Description

Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph <P> tag.

Products
Questions to Ask Vendors
  1. Can you confirm whether your systems are affected by CVE-2002-1681, and if so, what steps are you currently taking to mitigate this vulnerability?
  2. What is your estimated timeline for fully resolving CVE-2002-1681 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions
References

Ready to get results you can trust?