CVE-2002-1651

Verity Search97 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Verity Search97 allows remote attackers to insert arbitrary web content and steal sensitive information from other clients, possibly due to certain error messages from template pages that use the (1) vformat or (2) vfilter functions.

References (3)

[Patch, US Government Resource] http://www.kb.cert.org/vuls/id/636431

[Patch] http://www.securityfocus.com/bid/5102

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/9441

Scores

EPSS 0.0193

EPSS Percentile 83.2%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

verity/search97

Timeline

Published Dec 31, 2002

Tracked Since Feb 18, 2026