Moderate

CVE-2002-1685 - Unspecified vulnerability in Working Resources INC. Badblue

Publication: 2002-12-31
Summary

Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attackers to execute arbitrary script as other users by injecting script into ext.dll ISAPI.

Risk level (CVSS 4.3)

Moderate

4.3

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Working Resources INC. Badblue enterprise_1.7.2
  • Working Resources INC. Badblue personal_1.7
  • Working Resources INC. Badblue personal_1.7.2