CVE-2002-2348

Authoria - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Max · textwebappscgi

https://www.exploit-db.com/exploits/21926

View Code ZIP pw:eip

References (3)

[Exploit] http://www.securityfocus.com/bid/5932

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/294624

[Third Party Advisory] http://www.iss.net/security_center/static/10324.php

Scores

EPSS 0.0056

EPSS Percentile 68.1%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

authoria/authoria

Timeline

Published Dec 31, 2002

Tracked Since Feb 18, 2026