Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) before 5.47e allows remote attackers to steal user cookies via an [IMG] tag that references an about: URL with an onerror field.
No CVSS v3.1
No CVSS v3.0
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None
AV:N/AC:L/Au:N/C:P/I:N/A:N
Vendors | Products |
---|---|
Infopop |
|
Configuration 1 [-]
|
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=100586033530341&w=2 | Mailing List |
http://marc.info/?l=bugtraq&m=100586541317940&w=2 | Mailing List |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2002-02-02T05:00:00
Updated: 2016-10-17T13:57:01
Reserved: 2002-01-31T00:00:00
Link: CVE-2001-0897
JSON object: View
NVD Information
Status : Analyzed
Published: 2001-11-15T05:00:00.000
Modified: 2023-05-16T11:09:02.377
Link: CVE-2001-0897
JSON object: View
Redhat Information
No data.
CWE