VYPR
Unrated severityNVD Advisory· Published Aug 12, 2002· Updated Jun 16, 2026

CVE-2002-0738

CVE-2002-0738

Description

MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC argument to an IMG tag, or (3) using "&={script}" syntax.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Mhonarc/Mhonarc4 versions
    cpe:2.3:a:mhonarc:mhonarc:2.5:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:mhonarc:mhonarc:2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mhonarc:mhonarc:2.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mhonarc:mhonarc:2.5.2:*:*:*:*:*:*:*
    • (no CPE)range: <=2.5.2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.