Unrated severityNVD Advisory· Published Dec 31, 2002· Updated Jun 16, 2026
CVE-2002-2330
CVE-2002-2330
Description
Cross-site scripting (XSS) vulnerability in stat.pl in StatsPlus 1.25 allows remote attackers to inject arbitrary web script or HTML via (1) HTTP_USER_AGENT or (2) HTTP_REFERER, which is written to stats.html and executed in client browsers.
Affected products
1Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.