CVE-2002-2358

Sažetak

Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0061.html
http://online.securityfocus.com/archive/1/286151
http://www.iss.net/security_center/static/9757.php
http://www.opera.com/windows/changelogs/605/?session=b2a9ea38c710788c23970ba2c9a34d47
http://www.securityfocus.com/bid/5401

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

05-09-2008 - 20:33

Objavljeno

31-12-2002 - 05:00