NVD

Id
73301  
Name
CVE-2003-0154  
Description
Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2003-04-02  
Modified Date
2016-10-17  
Seq
2003-0154  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
377558 73301 CVE-2003-0154 http://bugzilla.mozilla.org/attachment.cgi?id=95950&action=view  View
377559 73301 CVE-2003-0154 http://bugzilla.mozilla.org/attachment.cgi?id=95985&action=view  View
377560 73301 CVE-2003-0154 http://bugzilla.mozilla.org/show_bug.cgi?id=146244  View
377561 73301 CVE-2003-0154 http://bugzilla.mozilla.org/show_bug.cgi?id=163573  View
377562 73301 CVE-2003-0154 20020819 Advisory: Bonsai XSS and Physical Path Revealing Vulnerabilities  View
377563 73301 CVE-2003-0154 DSA-265  View
377564 73301 CVE-2003-0154 bonsai-error-message-xss(9920)  View
377565 73301 CVE-2003-0154 5516  View

Related JVN