Published: 02/01/2003 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in MHonArc prior to 2.5.14 allows remote malicious users to inject arbitrary HTML into web archive pages via HTML mail messages.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mhonarc mhonarc 2.5.12
mhonarc mhonarc 2.4.4
mhonarc mhonarc 2.5.11
mhonarc mhonarc 2.5.3
mhonarc mhonarc 2.5.1
mhonarc mhonarc 2.5.2
mhonarc mhonarc 2.5.13
mhonarc mhonarc 2.5

Earl Hood, author of mhonarc, a mail to HTML converter, discovered a cross site scripting vulnerability in this package A specially crafted HTML mail message can introduce foreign scripting content in archives, by-passing MHonArc's HTML script filtering For the current stable distribution (woody) this problem has been fixed in version 252-13 ...

Custom Nuclei Templates

Custom Nuclei Templates How to Run Download the files or repository locally Run with Nuclei Sample Runs Install the nuclei scanner githubcom/projectdiscovery/nuclei git clone githubcom/psc4re/nuclei-templatesgit cd nuclei-templates nuclei -t /* -u targets CVE-2002-1388: nuclei -t /cve-2022-1388yaml -u https:

NVD-CWE-Other http://www.securityfocus.com/bid/6479 http://www.debian.org/security/2002/dsa-221 https://exchange.xforce.ibmcloud.com/vulnerabilities/10950 http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200212220120.gBM1K8502180%40mcguire.earlhood.com https://nvd.nist.gov https://www.debian.org/security/./dsa-221 https://github.com/psc4re/nuclei-templates

CVE-2002-1388

Vulnerability Summary

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect