CVE-2002-1315

CVSS 6.8 - MEDIUM
Description

Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as the iPlanet administrator by injecting the desired script into error logs, and possibly escalating privileges by using the XSS vulnerability in conjunction with another issue (CVE-2002-1316).

Affected Products
12
Vendor Product Version
iplanet iplanet_web_server 4.1
iplanet iplanet_web_server 4.1_sp1
iplanet iplanet_web_server 4.1_sp2
iplanet iplanet_web_server 4.1_sp3
iplanet iplanet_web_server 4.1_sp4
iplanet iplanet_web_server 4.1_sp5
iplanet iplanet_web_server 4.1_sp6
iplanet iplanet_web_server 4.1_sp7
iplanet iplanet_web_server 4.1_sp8
iplanet iplanet_web_server 4.1_sp9
iplanet iplanet_web_server 4.1_sp10
iplanet iplanet_web_server 4.1_sp11
References
http://archives.neohapsis.com/archives/vulnwatch/2...
http://marc.info/?l=bugtraq&m=103772308030269&w=2
http://sunsolve.sun.com/search/document.do?assetke...
http://www.iss.net/security_center/static/10692.ph...
http://www.ngsec.com/docs/advisories/NGSEC-2002-4....
http://www.securityfocus.com/bid/6202
http://archives.neohapsis.com/archives/vulnwatch/2...
http://marc.info/?l=bugtraq&m=103772308030269&w=2
http://sunsolve.sun.com/search/document.do?assetke...
http://www.iss.net/security_center/static/10692.ph...
http://www.ngsec.com/docs/advisories/NGSEC-2002-4....
http://www.securityfocus.com/bid/6202
Weakness Types
NVD-CWE-Other
CVE Information
CVE ID:
CVE-2002-1315
Published:
2002-11-29
Modified:
2026-04-16
CVSS Score:
6.8
Severity:
MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
Affected Vendors
iplanet
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL