CVE-2002-2358: XSS
First published: Tue Dec 31 2002(Updated: )
Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Opera Browser | =6.0 | |
| Opera Browser | =6.0 | |
| Opera Browser | =6.0.1 | |
| Opera Browser | =6.0.1 | |
| Opera Browser | =6.0.1 | |
| Opera Browser | =6.0.2 | |
| Opera Browser | =6.0.3 | |
| Opera Browser | =6.0.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-2358?
CVE-2002-2358 is considered a medium severity vulnerability due to its potential for cross-site scripting attacks.
How do I fix CVE-2002-2358?
To fix CVE-2002-2358, upgrade to a version of the Opera web browser later than 6.0.4.
Who is affected by CVE-2002-2358?
CVE-2002-2358 affects users using Opera versions 6.0 through 6.0.4 on any platform.
What kind of attacks can CVE-2002-2358 facilitate?
CVE-2002-2358 can facilitate cross-site scripting attacks allowing attackers to inject arbitrary web scripts or HTML.
When was CVE-2002-2358 disclosed?
CVE-2002-2358 was disclosed in 2002 and relates to vulnerabilities found in early versions of the Opera browser.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/references
- agent/author
- agent/severity
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/weakness
- vendor/opera software
- canonical/opera browser
- version/opera browser/6.0
- version/opera browser/6.0.1
- version/opera browser/6.0.2
- version/opera browser/6.0.3
- version/opera browser/6.0.4