Unrated severityNVD Advisory· Published Nov 29, 2002· Updated Jun 16, 2026
CVE-2002-1315
CVE-2002-1315
Description
Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as the iPlanet administrator by injecting the desired script into error logs, and possibly escalating privileges by using the XSS vulnerability in conjunction with another issue (CVE-2002-1316).
Affected products
13cpe:2.3:a:iplanet:iplanet_web_server:4.1:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:iplanet:iplanet_web_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp1:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp10:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp11:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp2:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp3:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp4:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp5:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp6:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp7:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp8:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp9:*:*:*:*:*:*:*
- Range: 4.x <= SP11
Patches
Vulnerability mechanics
References
6- archives.neohapsis.com/archives/vulnwatch/2002-q4/0078.htmlnvdExploitVendor Advisory
- www.iss.net/security_center/static/10692.phpnvdExploit
- www.ngsec.com/docs/advisories/NGSEC-2002-4.txtnvdExploitVendor Advisory
- www.securityfocus.com/bid/6202nvdExploit
- marc.infonvd
- sunsolve.sun.com/search/document.donvd
News mentions
0No linked articles in our index yet.