CVE-2002-0840 in HTTP Serverالمعلومات

الملخص

بحسب MITRE

Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

إفشاء

11/10/2002

الاعتدال

تمت الموافقة

إدخال

VDB-19051

CPE

جاهز

CWE

CWE-80 (مؤكد)

استغلال

تحميل

CVSS

6.8 (NVD)

EPSS

0.94006

KEV

لا

النشاطات

منخفض جدًا

القطاع

Agriculture, Chemical, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-0840
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0840
CVE Details	https://www.cvedetails.com/cve/CVE-2002-0840/

التالي ▸نظرة عامة ◂ السابق

Want to know what is going to be exploited?

We predict KEV entries!