Vulnerabilities > CVE-2002-0787 - Cross-Site Scripting vulnerability in Critical Path Injoin Directory Server 4.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
critical-path
exploit available

Summary

Cross-site scripting vulnerabilities in iCon administrative web server for Critical Path inJoin Directory Server 4.0 allow remote attackers to execute script as the administrator via administrator URLs with modified (1) LOCID or (2) OC parameters.

Vulnerable Configurations

Part Description Count
Application
Critical_Path
1

Exploit-Db

descriptionCritical Path InJoin Directory Server 4.0 Cross-Site Scripting Vulnerability. CVE-2002-0787. Remote exploits for multiple platform
idEDB-ID:21444
last seen2016-02-02
modified2002-05-10
published2002-05-10
reporterNomad Mobile Research Centre
sourcehttps://www.exploit-db.com/download/21444/
titleCritical Path InJoin Directory Server 4.0 - Cross-Site Scripting Vulnerability