PT-2002-1580 · Novell · Novell Web Search

Published

2002-06-11

Updated

2008-09-10

CVE-2002-0530

CVSS v2.0

5.1

Medium

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Novell Web Search version 2.0.1

Description A cross-site scripting issue allows remote attackers to execute arbitrary script as other Web Search users via the search parameter in the API endpoint.

Recommendations For Novell Web Search version 2.0.1, avoid using the search parameter in the affected API endpoint until the issue is resolved.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0530

Affected Products

Novell Web Search

PT-2002-1580 · Novell · Novell Web Search

CVE-2002-0530

Related Identifiers

Affected Products

References · 3