cbcvebase.
CVE-2002-1315
published 2002-11-29

CVE-2002-1315: Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as…

PriorityP417medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
1.64%
73.4th percentile
Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as the iPlanet administrator by injecting the desired script into error logs, and possibly escalating privileges by using the XSS vulnerability in conjunction with another issue (CVE-2002-1316).

Affected

16 ranges
VendorProductVersion rangeFixed in
iplanetiplanet_web_server
iplanetiplanet_web_server
iplanetiplanet_web_server
iplanetiplanet_web_server
iplanetiplanet_web_server
iplanetiplanet_web_server
iplanetiplanet_web_server
iplanetiplanet_web_server
iplanetiplanet_web_server
iplanetiplanet_web_server
iplanetiplanet_web_server
iplanetiplanet_web_server
sunone_web_server<= 4.1
sunone_web_server<= 6.0
sunone_web_server
sunone_web_server
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.