Vulnerabilities > CVE-2002-1662 - HTML Injection vulnerability in Mambo Site Server 4.0.11

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

mambo

NVD

Published: 2002-12-31

Updated: 2017-07-11

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.11 allow remote attackers to execute arbitrary script on other clients via (1) search.php and (2) the "Your name" field during account registration.

Vulnerable Configurations

Part	Description	Count
Application	Mambo Mambo Mambo Site Server 4.0.11	1

References

http://archives.neohapsis.com/archives/bugtraq/2002-12/0111.html
http://www.securityfocus.com/bid/6386
https://exchange.xforce.ibmcloud.com/vulnerabilities/10854
https://exchange.xforce.ibmcloud.com/vulnerabilities/10859