CVE-2002-0520

Name of the Vulnerable Software and Affected Versions ASP-Nuke version RC1

Description A cross-site scripting issue exists in the functions-inc.asp file, allowing remote attackers to execute script as other ASP-Nuke users. This can be achieved by embedding the script within an IMG tag.

Recommendations For ASP-Nuke version RC1, consider restricting access to the functions-inc.asp file until a patch is available. As a temporary workaround, avoid using the functions-inc.asp file in scenarios where user input is processed to minimize the risk of exploitation.