← back
CVE-2002-2129

CVE-2002-2129

EPSS 3.6%
Cross-site scripting vulnerability (XSS) in editform.php for w-Agora 4.1.5 allows remote attackers to execute arbitrary web script via an arbitrary form field name containing the script, which is echoed back to the user when displaying the form.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/22109unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2002-12/0222.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-12/0225.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/10920http://www.securityfocus.com/bid/6464