Unrated severityNVD Advisory· Published Apr 22, 2002· Updated Jun 16, 2026
CVE-2002-0166
CVE-2002-0166
Description
Cross-site scripting vulnerability in analog before 5.22 allows remote attackers to execute Javascript via an HTTP request containing the script, which is entered into a web logfile and not properly filtered by analog during display.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
22cpe:2.3:a:stephen_turner:analog:3.90_beta1:*:*:*:*:*:*:*+ 21 more
- cpe:2.3:a:stephen_turner:analog:3.90_beta1:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:3.90_beta2:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:4.01:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:4.02:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:4.03:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:4.04:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:4.11:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:4.14:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:4.15:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:4.16:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:4.90_beta2:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:4.90_beta3:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:4.90_beta4:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:4.91_beta1:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:5.01:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:5.02:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:5.03:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:5.1a:*:*:*:*:*:*:*
- cpe:2.3:a:stephen_turner:analog:5.2:*:*:*:*:*:*:*
- (no CPE)range: <5.22
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.