2.6 CVE-2002-0292

Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field.
https://nvd.nist.gov/vuln/detail/CVE-2002-0292

Categories

CWE-NVD-Other

References

 

CPE

cpe	start	end
Configuration 1
cpe:2.3:a:open_source_development_network:slashcode:*:*:*:*:*:*:*:*		<= 1.0.8
cpe:2.3:a:open_source_development_network:slashcode:2.0:*:*:*:*:*:*:*
cpe:2.3:a:open_source_development_network:slashcode:2.1:*:*:*:*:*:*:*
cpe:2.3:a:open_source_development_network:slashcode:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:open_source_development_network:slashcode:2.2:*:*:*:*:*:*:*
cpe:2.3:a:open_source_development_network:slashcode:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:open_source_development_network:slashcode:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:open_source_development_network:slashcode:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:open_source_development_network:slashcode:2.2.4:*:*:*:*:*:*:*

Exploits

Exploit-db.com

id	description	date
No known exploits

Other (github, ...)

Url
No known exploits

CAPEC

id	description	severity
No entry