ByteOS Network

NVD Vulnerability Details :

CVE-2002-1965

Deferred

Source-cve@mitre.org

Published At-31 Dec, 2002 | 05:00

Updated At-03 Apr, 2025 | 01:03

Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix Xitami 2.5b4 and 2.5b5 allows remote attackers to inject arbitrary web script or HTML via the (1) Javascript events, as demonstrated via an onerror event in an IMG SRC tag or (2) User-Agent field in an HTTP GET request.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N

Type: Primary

Version: 2.0

Base score: 4.3

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:N/I:P/A:N

CPE Matches

imatix>>xitami>>2.5_b4

cpe:2.3:a:imatix:xitami:2.5_b4:*:*:*:*:*:*:*

imatix>>xitami>>2.5_b5

cpe:2.3:a:imatix:xitami:2.5_b5:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://online.securityfocus.com/archive/1/277058	cve@mitre.org	N/A
http://online.securityfocus.com/archive/1/279269	cve@mitre.org	N/A
http://www.securityfocus.com/bid/5025	cve@mitre.org	Exploit
http://online.securityfocus.com/archive/1/277058	af854a3a-2127-422b-91ae-364da2661108	N/A
http://online.securityfocus.com/archive/1/279269	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/5025	af854a3a-2127-422b-91ae-364da2661108	Exploit