← Back

CVE-2002-1315

nvd nist
Published: Nov 29, 2002Modified: Apr 16, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as the iPlanet administrator by injecting the desired script into error logs, and possibly escalating privileges by using the XSS vulnerability in conjunction with another issue (CVE-2002-1316).

Affected (12)

Iplanet
1 product
Iplanet Web Server
Configuration A
12 vulnerable
Vulnerable SoftwareAffected Versions
Iplanet
Iplanet Web Server
Version 4.1
Iplanet Web Server
Version 4.1_sp10
Iplanet Web Server
Version 4.1_sp11
Iplanet Web Server
Version 4.1_sp1
Iplanet Web Server
Version 4.1_sp2
Iplanet Web Server
Version 4.1_sp3
Iplanet Web Server
Version 4.1_sp4
Iplanet Web Server
Version 4.1_sp5
Iplanet Web Server
Version 4.1_sp6
Iplanet Web Server
Version 4.1_sp7
Iplanet Web Server
Version 4.1_sp8
Iplanet Web Server
Version 4.1_sp9

References (12)

Source: cve@mitre.org
ExploitVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
ExploitVendor Advisory
Source: cve@mitre.org
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit

Timeline

No history available yet.