VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Dec 4, 2001· Updated Apr 16, 2026

CVE-2001-0948

CVE-2001-0948

Description

Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's description, which is executed when the certificate is viewed.

Affected products

11
  • Valicert/Enterprise Validation Authority11 versions
    cpe:2.3:a:valicert:enterprise_validation_authority:3.3:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:valicert:enterprise_validation_authority:3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:valicert:enterprise_validation_authority:3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:valicert:enterprise_validation_authority:3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:valicert:enterprise_validation_authority:3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:valicert:enterprise_validation_authority:3.7:*:*:*:*:*:*:*
    • cpe:2.3:a:valicert:enterprise_validation_authority:3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:valicert:enterprise_validation_authority:3.9:*:*:*:*:*:*:*
    • cpe:2.3:a:valicert:enterprise_validation_authority:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:valicert:enterprise_validation_authority:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:valicert:enterprise_validation_authority:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:valicert:enterprise_validation_authority:4.2.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.