CVE-2002-0292

LOW

—CVSS v3

2.6CVSS v2

1.03% EPSS (exploit probability)

—CWE

Description

Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field.

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE