CVE-2002-2359: XSS
First published: Tue Dec 31 2002(Updated: )
Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | =1.0 | |
| Mozilla Firefox | =1.0-rc1 | |
| Mozilla Firefox | =1.0-rc2 | |
| Mozilla Firefox | =1.1-alpha |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-2359?
CVE-2002-2359 is considered a moderate severity vulnerability due to its ability to allow cross-site scripting attacks.
How do I fix CVE-2002-2359?
To fix CVE-2002-2359, upgrade to a version of Mozilla that is not vulnerable, such as Mozilla 1.1 or later.
What are the affected versions in CVE-2002-2359?
CVE-2002-2359 affects Mozilla versions 1.0, 1.0-rc1, 1.0-rc2, and 1.1-alpha.
What type of vulnerability is CVE-2002-2359?
CVE-2002-2359 is a cross-site scripting (XSS) vulnerability.
Can CVE-2002-2359 be exploited remotely?
Yes, CVE-2002-2359 can be exploited remotely by injecting arbitrary web script or HTML via the title tag of an ftp URL.
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/author
- agent/severity
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/weakness
- vendor/mozilla
- canonical/mozilla firefox
- version/mozilla firefox/1.0
- version/mozilla firefox/1.0-rc1
- version/mozilla firefox/1.0-rc2
- version/mozilla firefox/1.1-alpha