Unrated severityNVD Advisory· Published Nov 29, 2002· Updated Apr 16, 2026
CVE-2002-1315
CVE-2002-1315
Description
Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as the iPlanet administrator by injecting the desired script into error logs, and possibly escalating privileges by using the XSS vulnerability in conjunction with another issue (CVE-2002-1316).
Affected products
12cpe:2.3:a:iplanet:iplanet_web_server:4.1:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:iplanet:iplanet_web_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp1:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp2:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp3:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp4:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp5:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp6:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp7:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp8:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp9:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp10:*:*:*:*:*:*:*
- cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp11:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- archives.neohapsis.com/archives/vulnwatch/2002-q4/0078.htmlnvdExploitVendor Advisory
- www.iss.net/security_center/static/10692.phpnvdExploit
- www.ngsec.com/docs/advisories/NGSEC-2002-4.txtnvdExploitVendor Advisory
- www.securityfocus.com/bid/6202nvdExploit
- marc.infonvd
- sunsolve.sun.com/search/document.donvd
News mentions
0No linked articles in our index yet.