CVE-2003-0801

Nokia Electronic Documentation <5.0 - XSS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0801. PoCs published by Ollie Whitehouse.

AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) version 5.0, where insufficient sanitization of user-supplied data allows remote attackers to inject malicious scripts via a crafted URL.

Description

Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Ollie Whitehouse · textremotewindows
https://www.exploit-db.com/exploits/23149

The provided text describes a cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) version 5.0, where insufficient sanitization of user-supplied data allows remote attackers to inject malicious scripts via a crafted URL.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Theoretical
Target: Nokia Electronic Documentation (NED) 5.0
No auth needed
Prerequisites: A target user must be enticed to click a malicious link
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Exploit, Vendor Advisory vendor-advisory x_refsource_atstake
http://www.atstake.com/research/advisories/2003/a091503-1.txt

Scores

EPSS 0.0254
EPSS Percentile 83.0%

Details

CWE
CWE-79
Status published
Products (1)
nokia/electronic_documentation 5.0
Published Oct 06, 2003
Tracked Since Feb 18, 2026