VYPR
Unrated severityNVD Advisory· Published Apr 22, 2002· Updated Jun 16, 2026

CVE-2002-0166

CVE-2002-0166

Description

Cross-site scripting vulnerability in analog before 5.22 allows remote attackers to execute Javascript via an HTTP request containing the script, which is entered into a web logfile and not properly filtered by analog during display.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

22
  • cpe:2.3:a:stephen_turner:analog:3.90_beta1:*:*:*:*:*:*:*+ 21 more
    • cpe:2.3:a:stephen_turner:analog:3.90_beta1:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:3.90_beta2:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:4.01:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:4.02:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:4.03:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:4.04:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:4.11:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:4.14:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:4.15:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:4.16:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:4.90_beta2:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:4.90_beta3:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:4.90_beta4:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:4.91_beta1:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:5.01:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:5.02:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:5.03:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:5.1a:*:*:*:*:*:*:*
    • cpe:2.3:a:stephen_turner:analog:5.2:*:*:*:*:*:*:*
    • (no CPE)range: <5.22

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.