CVE-2002-2422

Compaq Insight Management Agent - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Compaq Insight Management Agents 2.0, 2.1, 3.6.0, 4.2 and 4.3.7 allows remote attackers to inject arbitrary web script or HTML via a URL, which inserts the script into the resulting error message.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Taylor Huff · textremotehardware

https://www.exploit-db.com/exploits/21827

View Code ZIP pw:eip

References (5)

[Various Sources] http://www.securiteam.com/windowsntfocus/6G00K0A5SM.html

[Exploit] http://www.securityfocus.com/bid/5780

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/archive/1/294020

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/archive/1/294160

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/293715

Scores

EPSS 0.0041

EPSS Percentile 61.3%

Classification

CWE

CWE-79

Status draft

Affected Products (6)

compaq/insight_management_agent

Timeline

Published Dec 31, 2002

Tracked Since Feb 18, 2026