CVE-2002-1662: XSS
First published: Tue Dec 31 2002(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.11 allow remote attackers to execute arbitrary script on other clients via (1) search.php and (2) the "Your name" field during account registration.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mambo Site Server | =4.0.11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-1662?
CVE-2002-1662 is classified as a moderate severity vulnerability due to its potential for executing arbitrary scripts on client browsers.
How do I fix CVE-2002-1662?
To fix CVE-2002-1662, upgrade Mambo Site Server to a version that addresses the cross-site scripting vulnerabilities.
What components are affected by CVE-2002-1662?
CVE-2002-1662 affects the search.php file and the 'Your name' field used during user registration in Mambo Site Server 4.0.11.
Who can exploit CVE-2002-1662?
Remote attackers can exploit CVE-2002-1662 to inject malicious scripts into web pages viewed by other users.
Is CVE-2002-1662 still a threat today?
While CVE-2002-1662 originates from 2002, any unpatched instances of Mambo Site Server 4.0.11 may still be vulnerable.
- agent/references
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/severity
- agent/remedy
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/mambo
- canonical/mambo site server
- version/mambo site server/4.0.11