Vulnerabilities > CVE-2002-1680 - Cross-Site Scripting vulnerability in Cows CGI Online Worldweb Shopping 1.1

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

cows

NVD

Published: 2002-12-31

Updated: 2017-07-11

Summary

Cross-site scripting (XSS) vulnerability in CGI Online Worldweb Shopping 1.1 (a.k.a. COWS) allows remote attackers to execute arbitrary script as other users by injecting script into (1) diagnose.cgi or (2) compatible.cgi.

Vulnerable Configurations

Part	Description	Count
Application	Cows Cows CGI Online Worldweb Shopping 1.1	1

References

http://online.securityfocus.com/archive/82/251570
http://www.securityfocus.com/bid/3914
http://www.securityfocus.com/bid/3921
https://exchange.xforce.ibmcloud.com/vulnerabilities/7986