CVE-1999-1357

3 documents3 sources
Severity
7.5HIGH
EPSS
1.2%
top 20.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netscape Communicator
Timeline
PublishedOct 5
Latest updateApr 30

Description

Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-5p87-h429-g84q: Netscape Communicator 42022-04-30
CVEList
CVE-1999-1357: Netscape Communicator 42001-09-12
CVE-1999-1357 (HIGH CVSS 7.5) | Netscape Communicator 4.04 through | cvebase.io