Cross-site scripting vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to inject arbitrary HTML, including script, into web pages via the (1) Ticket# Find, (2) Priorities, (3) Severities, (4) Projects, (5) WO# Find, (6) Departments and (7) Users features.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N
Vendors Products
Michael Dean
  • Double Choco Latte

Configuration 1 [-]

OR cpe:2.3:a:michael_dean:double_choco_latte:2002-01-20:*:*:*:*:*:*:*
cpe:2.3:a:michael_dean:double_choco_latte:2002-02-15:*:*:*:*:*:*:*
References
Link Resource
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0022.html
http://dcl.sourceforge.net/index.php
http://marc.info/?l=bugtraq&m=102668783632589&w=2
http://www.iss.net/security_center/static/9532.php Patch Vendor Advisory
http://www.securityfocus.com/bid/5182 Patch Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2002-08-31T04:00:00

Updated: 2016-10-17T13:57:01

Reserved: 2002-08-27T00:00:00

Link: CVE-2002-1037

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2002-10-04T04:00:00.000

Modified: 2016-10-18T02:23:26.400

Link: CVE-2002-1037

JSON object: View

cve-icon Redhat Information

No data.

CWE