VYPR
Unrated severityNVD Advisory· Published Nov 29, 2002· Updated Jun 16, 2026

CVE-2002-1315

CVE-2002-1315

Description

Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as the iPlanet administrator by injecting the desired script into error logs, and possibly escalating privileges by using the XSS vulnerability in conjunction with another issue (CVE-2002-1316).

Affected products

13
  • cpe:2.3:a:iplanet:iplanet_web_server:4.1:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:iplanet:iplanet_web_server:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp1:*:*:*:*:*:*:*
    • cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp10:*:*:*:*:*:*:*
    • cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp11:*:*:*:*:*:*:*
    • cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp2:*:*:*:*:*:*:*
    • cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp3:*:*:*:*:*:*:*
    • cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp4:*:*:*:*:*:*:*
    • cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp5:*:*:*:*:*:*:*
    • cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp6:*:*:*:*:*:*:*
    • cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp7:*:*:*:*:*:*:*
    • cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp8:*:*:*:*:*:*:*
    • cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp9:*:*:*:*:*:*:*
  • Range: 4.x <= SP11

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.