Vulnerabilities > Open Source Development Network > Slashcode > 2.2.4

DATE CVE VULNERABILITY TITLE RISK
2002-12-31 CVE-2002-1681 Unspecified vulnerability in Open Source Development Network Slashcode
Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph <P> tag.
6.8
2002-05-31 CVE-2002-0292 Cross-Site Scripting vulnerability in SlashCode
Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field.
network
high complexity
open-source-development-network
2.6